Greets all,
I've been Googeling for a while now and can't seem to find an answer to
my questions so I'll post it here.
I'm running 4.41 w/exiscan and lspf2.
I have the example ACL working the way I want and life is good. But now
I need to tweak it to support my road-warriors. I have people in the
field w/laptops that use the corporate mail server to send mail.
Is it possible to use something like
!verify = sender
in the acl_check_rcpt ACL to override the SPF check?
Currently, I have this for SPF support:
warn message = X-SPF-3: SPOOF!
sender_domains = +local_domains
spf = !pass
warn message = X-SPF-1: SPF Failed.
spf = fail
warn message = X-SPF-2: $spf_received
log_message = $spf_received
spf = fail
warn message = X-SPF-1: SPF $spf_result
spf = !fail
warn message = X-SPF-2: $spf_received
log_message = $spf_received
spf = !fail
This puts 2 or 3 headers in each email.
X-SPF-1 = the result
X-SPF-2 = the SPF record
X-SPF-3 = Optional. If this looks like a spoofed local domain.
I'm just testing before I start doming something more draconian. But I'd
like to modify X-SPF-3 to ignore a !pass if this is a valid user of the
system.
For the moment, I'm thinking:
warn message = X-SPF-3: SPOOF!
sender_domains = +local_domains
!verify = sender
spf = !pass
Would this work? If not, how do others support RoadWarriors and SPF at
the same time? Are there ramifications to doing this I don't understand?
TIA,
=C=
--
:
: Cal Evans
: Evans Internet Construction Company
: 615-260-3385
:
http://www.eicc.com
: Building web sites that build your business
:
