Documentation cleanup.
This commit is contained in:
Scott Kitterman
parent
1486640042
commit
f778a5ebbf
4 changed files with 32 additions and 16 deletions
3
CHANGES
3
CHANGES
|
|
@ -4,13 +4,14 @@
|
|||
# ! = Changed something significant, or removed a feature
|
||||
# * = Fixed a bug, or made a minor improvement
|
||||
|
||||
--- UNRELEASED (2007-04-30 19:03)
|
||||
--- 2.005 (2007-12-14 23:29 -0500)
|
||||
* Decreased timeout for DNS queries via UDP to 10s from Net::DNS::Resolver's
|
||||
default of 40s (by doing only 1 retransmission rather than 3 after a query
|
||||
fails). Until Mail::SPF provides an explicit option for this, we just
|
||||
create our own resolver object and make Mail::SPF use that.
|
||||
* Adjust master.cf recommendations in INSTALL for new recommendations from
|
||||
Wietse Venema (postfix-users mailing list).
|
||||
* Other minor documentation cleanup
|
||||
|
||||
--- 2.004 (2007-04-18 15:36)
|
||||
* Fix header text to work with Postfix (access 5 requirements).
|
||||
|
|
|
|||
4
INSTALL
4
INSTALL
|
|
@ -30,5 +30,7 @@ Installing
|
|||
NOTE: Specify check_policy_service AFTER reject_unauth_destination or
|
||||
else your system can become an open relay.
|
||||
|
||||
4. Restart Postfix.
|
||||
4. Add "policy_time_limit = 3600" to main.cf
|
||||
|
||||
5. Restart Postfix.
|
||||
|
||||
|
|
|
|||
24
README
24
README
|
|
@ -1,6 +1,6 @@
|
|||
postfix-policyd-spf-perl 2.003
|
||||
postfix-policyd-spf-perl 2.005
|
||||
A Postfix SMTPd policy server for SPF checking
|
||||
(C) 2007 Scott Kitterman <scott@kitterman.com> and Julian Mehnle
|
||||
(C) 2007 Scott Kitterman <scott@kitterman.com> and Julian Mehnle
|
||||
<julian@mehnle.net>
|
||||
(C) 2003-2004 Meng Weng Wong <mengwong@pobox.com>
|
||||
Thanks for contributions by various members of the SPF project
|
||||
|
|
@ -10,31 +10,31 @@ Thanks for contributions by various members of the SPF project
|
|||
postfix-policyd-spf-perl is a Postfix SMTPd policy daemon for SPF checking.
|
||||
It is implemented in pure Perl and uses the Mail::SPF CPAN module. Note that
|
||||
Mail::SPF is a complete re-implementation of SPF based on the final SPF RFC,
|
||||
RFC 4408. It shares no code with the older Mail::SPF::Query that was the
|
||||
original SPF development implementation. If you are upgrading from on older
|
||||
RFC 4408. It shares no code with the older Mail::SPF::Query that was the
|
||||
original SPF development implementation. If you are upgrading from on older
|
||||
version of this policy server you will need to install Mail::SPF.
|
||||
|
||||
This version of the policy server always checks HELO before Mail From (older
|
||||
versions just checked HELO if Mail From was null). It will reject mail that
|
||||
fails either Mail From or HELO SPF checks. It will defer mail if there is a
|
||||
This version of the policy server always checks HELO before Mail From (older
|
||||
versions just checked HELO if Mail From was null). It will reject mail that
|
||||
fails either Mail From or HELO SPF checks. It will defer mail if there is a
|
||||
temporary SPF error and the message would othersise be permitted
|
||||
(DEFER_IF_PERMIT). If the HELO check produces a REJECT/DEFER result, Mail From
|
||||
will not be checked.
|
||||
|
||||
If the message is not rejected or deferred, the policy server will PREPEND the
|
||||
If the message is not rejected or deferred, the policy server will PREPEND the
|
||||
appropriate SPF Received header. If Mail From is anything other than completely
|
||||
empty (i.e. <>) then the Mail From result will be used for SPF Received (e.g.
|
||||
Mail From None even if HELO is Pass).
|
||||
|
||||
The policy server skips SPF checks for connections from the localhost (127.) and
|
||||
instead prepends and logs 'SPF skipped - localhost is always allowed.' If you
|
||||
have relays that you want to skip SPF checks for, you can add them to
|
||||
instead prepends and logs 'SPF skipped - localhost is always allowed.' If you
|
||||
have relays that you want to skip SPF checks for, you can add them to
|
||||
relay_addresses on line 78 using standard CIDR notation in a space separated
|
||||
list. For these addresses, 'X-Comment: SPF skipped for whitelisted relay' is
|
||||
prepended and logged.
|
||||
|
||||
Error conditions within the policy server (that don't result in a crash) or from
|
||||
Mail::SPF will return DUNNO.
|
||||
Error conditions within the policy server (that don't result in a crash) or from
|
||||
Mail::SPF will return DUNNO.
|
||||
|
||||
See INSTALL for installation instructions.
|
||||
|
||||
|
|
|
|||
17
test_cases
17
test_cases
|
|
@ -19,7 +19,7 @@ instance=2
|
|||
#no HELO and mfrom pass
|
||||
request=smtpd_access_policy
|
||||
client_address=72.81.252.18
|
||||
helo_name=mailout03.controlledmail.com
|
||||
helo_name=72.81.252.18
|
||||
sender=scott@kitterman.com
|
||||
recipient=bogus@kitterman.org
|
||||
queue_id=q1234
|
||||
|
|
@ -127,8 +127,21 @@ instance=15
|
|||
# Permerror reject
|
||||
request=smtpd_access_policy
|
||||
client_address=72.81.252.18
|
||||
helo_name=mailout00.yahoo.com
|
||||
helo_name=elvey.com
|
||||
sender=scott@elvey.com
|
||||
recipient=bogus2@kitterman.org
|
||||
queue_id=q1234
|
||||
instance=16
|
||||
|
||||
# None and None
|
||||
request=smtpd_access_policy
|
||||
client_address=71.17.127.27
|
||||
helo_name=71-17-127-27.estv.hsdb.sasknet.sk.ca
|
||||
sender=dalbecbhoj@accessamericatransport.com
|
||||
recipient=hostmaster@jamux.com
|
||||
|
||||
request=smtpd_access_policy
|
||||
client_address=200.120.31.84
|
||||
helo_name=autohaus-knabe.de
|
||||
sender=daniel.hahnomjy@autohaus-knabe.de
|
||||
recipient=jam@jamux.com
|
||||
Loading…
Add table
Add a link
Reference in a new issue