On Thu, Nov 11, 2010 at 5:59 AM, Bernd Jendrissek
<bernd.jendrissek@???> wrote:
> I would rather not hardcode something that addresses Google's SPF
> specifically, even that is our current need: we have customers who get
> Google to send their email (from their own domain, not @gmail.com) via
> our quasi-MTA. The customer's own domain doesn't have SPF records [*],
> but we know that they're using Google's servers. So we want to be able
> to ask, "Does the SPF data on _spf.google.com cover
> $sender_host_address?". If only I could say...
That's kind of confusing. Why not just have the customer fix the SPF record?
> condition = ${if and {{lookup {$sender_address_domain} lsearch
> {/foo/googlers}} {lookup {$sender_host_address} spf {_spf.google.com}}}
This seems a perfect use case for a perl function:
condition = ${if eq{ ${perl{check_users_spf}} }{ pass }} {yes}{no} }
Then have a perl function (probably oversimplified and completely untested) :
use Mail::SPF;
sub check_users_spf {
my $sender_address_domain = Exim::expand_string('$sender_address_domain');
my $sender_host_address = Exim::expand_string('$sender_host_address');
my $spf_server = Mail::SPF::Server->new();
my $req = Mail::SPF::Request->new(
versions => 1,
identity => $sender_address_domain,
ip_address => $sender_host_address
);
my $result = $spf_server->process($req);
# code() returns "pass", "fail", "softfail",
# "neutral", "none", "error", "permerror"
return ( $result->code() || 'permerror' );
}
--
Regards... Todd
I seek the truth...it is only persistence in self-delusion and
ignorance that does harm. -- Marcus Aurealius
