Re: [exim] SPF feature would be more useful if

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Todd Lyons
日付:  
To: Bernd Jendrissek
CC: exim users
題目: Re: [exim] SPF feature would be more useful if
On Thu, Nov 11, 2010 at 5:59 AM, Bernd Jendrissek
<bernd.jendrissek@???> wrote:
> I would rather not hardcode something that addresses Google's SPF
> specifically, even that is our current need: we have customers who get
> Google to send their email (from their own domain, not @gmail.com) via
> our quasi-MTA. The customer's own domain doesn't have SPF records [*],
> but we know that they're using Google's servers. So we want to be able
> to ask, "Does the SPF data on _spf.google.com cover
> $sender_host_address?". If only I could say...


That's kind of confusing. Why not just have the customer fix the SPF record?

> condition = ${if and {{lookup {$sender_address_domain} lsearch
> {/foo/googlers}} {lookup {$sender_host_address} spf {_spf.google.com}}}


This seems a perfect use case for a perl function:

condition = ${if eq{ ${perl{check_users_spf}} }{ pass }} {yes}{no} }

Then have a perl function (probably oversimplified and completely untested) :

use Mail::SPF;

sub check_users_spf {
  my $sender_address_domain = Exim::expand_string('$sender_address_domain');
  my $sender_host_address = Exim::expand_string('$sender_host_address');
  my $spf_server = Mail::SPF::Server->new();
  my $req = Mail::SPF::Request->new(
    versions => 1,
    identity => $sender_address_domain,
    ip_address => $sender_host_address
  );
  my $result = $spf_server->process($req);
  # code() returns "pass", "fail", "softfail",
  # "neutral", "none", "error", "permerror"
  return ( $result->code() || 'permerror' );
}


--
Regards...      Todd
I seek the truth...it is only persistence in self-delusion and
ignorance that does harm.  -- Marcus Aurealius