Re: [exim] Experimental SPF

Top Pagina
Deze boodschap maakt deel uit van devolgende draad:
Mde volledige draad-boom gesorteerd op datum
MPierre-Philipp Braun op <-
MHardy op ->
Delete this message
Reply to this message
Auteur: Heiko Schlittermann
Datum:  
Aan: Pierre-Philipp Braun
Onderwerp: Re: [exim] Experimental SPF
Pierre-Philipp Braun <pbraun@???> (Mi 20 Sep 2017 09:55:52 CEST):
> Hello,
>
> I tried to take advantage of Experimental SPF support with no much success
> in Exim 4.89 as well as development head. I do not know if this is me not
> writing the ACLs correctly or if this is truly unfeatured.
>
> [...]
> 
> acl_check_mail:
>        warn            spf = !unknown
>        add_header      = :at_start:$spf_received
>        log_message     = SPF=$spf_result
>        accept spf      = pass
 

>        accept

You accept everything, despite the SPF results.

> The ACL described earlier passes everything through but
> at least returns information about the SPF result in the logs even if it is
> false, I think.

I'm not sure about the 'spf = !unknown', here on my system I have
a similiar line as 'spf = !none'.

Here is my setup that serves a similiar purpose> 

warn     spf          = !none
         logwrite     = SPF: $spf_result for $sender_address
         add_header   = :at_start:$spf_received


> 2017-09-20 10:44:16 H=localhost (crap) [127.0.0.1] Warning: SPF=pass
> 2017-09-20 10:44:45 H=mx.nethence.com (crap) [62.210.110.7] Warning:
> SPF=temperror

Maybe this helps for your localhost experiments:
I did a fast "selfcheck" using swaks: 

    swaks … --pipe 'exim -bh 127.0.0.1'


>>> check spf = !none
>>> SPF result is pass (2)
>>> check logwrite = SPF: $spf_result for $sender_address
>>>                = SPF: pass for hs@???
LOG: [17759] SPF: pass for hs@???
>>> check add_header = :at_start:$spf_received
>>>                  = :at_start:Received-SPF: pass (mx.net.schlittermann.de: localhost is always allowed.) client-ip=127.0.0.1; envelope-from=hs@???; helo=mx.net.schlittermann.de;
 

schlittermann.de.    3600    IN    TXT    "v=spf1 a:hh.schlittermann.de ip4:84.19.194.3/32 -all"


and clearly does not include localhost. So passing messags from
localhost might be a feature of SPF in general or of the implementation
in Exim. 

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -

Deze boodschap werd naar devolgende mailinglijsten gestuurd:
Exim-users
Mailing Lijst Info | Nabije Berichten		<-Re: [exim] Selectively add spamassassin headers to messagesRe: [exim] Experimental SPF->
Tahini and Hummus and Cumin Development Archives beheerd door cumin AdminsLurker (versie 2.3)