From f5c6870c3cb82d3bea0152147c43d0a2acfbd405 Mon Sep 17 00:00:00 2001
From: Scott Kitterman <>
Date: Tue, 17 Apr 2007 11:37:07 +0000
Subject: [PATCH] * Add handler for list of relay addresses to bypass.

---
 postfix-policyd-spf-perl | 24 ++++++++++++++++++++++++
 test_cases               |  8 ++++++++
 2 files changed, 32 insertions(+)

diff --git a/postfix-policyd-spf-perl b/postfix-policyd-spf-perl
index 75c6396..cb75f7e 100755
--- a/postfix-policyd-spf-perl
+++ b/postfix-policyd-spf-perl
@@ -43,6 +43,10 @@ my @HANDLERS = (
         name => 'exempt_localhost',
         code => \&exempt_localhost
     },
+    {
+        name => 'exempt_relay',
+        code => \&exempt_relay
+    },
     {
         name => 'sender_policy_framework',
         code => \&sender_policy_framework
@@ -69,6 +73,11 @@ use constant localhost_addresses => map(
     qw(  127.0.0.0/8  ::ffff:127.0.0.0/104  ::1  )
 );  # Does Postfix ever say "client_address=::ffff:<ipv4-address>"?
 
+use constant relay_addresses => map(
+    NetAddr::IP->new($_),
+    qw(  )
+); # add addresses to qw (  ) above separated by spaces using CIDR notation.
+
 my %results_cache;  # by message instance
 
 # ----------------------------------------------------------
@@ -168,6 +177,21 @@ sub exempt_localhost {
     return 'DUNNO';
 }
 
+# ----------------------------------------------------------
+#                handler: relay exemption
+# ----------------------------------------------------------
+
+sub exempt_relay {
+    my %options = @_;
+    my $attr = $options{attr};
+    if ($attr->{client_address} != '') {
+        my $client_address = NetAddr::IP->new($attr->{client_address});
+        return 'PREPEND X-Comment SPF skipped for whitelisted relay'
+            if grep($_->contains($client_address), relay_addresses);
+    };
+    return 'DUNNO';
+}
+
 # ----------------------------------------------------------
 #                        handler: SPF
 # ----------------------------------------------------------
diff --git a/test_cases b/test_cases
index 6d9e0a7..0a4056c 100644
--- a/test_cases
+++ b/test_cases
@@ -70,4 +70,12 @@ recipient=bogus2@kitterman.org
 queue_id=q1234
 instance=3
 
+#localhost bypass
+request=smtpd_access_policy
+client_address=192.168.0.1
+helo_name=mailout03.controlledmail.com
+sender=scott@kitterman.com
+recipient=bogus2@kitterman.org
+queue_id=q1234
+instance=12