[Mimedefang] SPF in MD
Michael Faurot
mfaurot at atww.org
Fri Oct 8 15:25:09 EDT 2004
In article <4166DB5B.8010601 at jasongurtz.com> you wrote:
> I always appreciate seeing code here; it's how I learn. :)
Same here.
> I guess if it's a real lot (pages) it would be better to offer it for
> download somewhere. But I don't see that as the usual case here.
Not much to it really . . .
Somewhere at the top of mimedefang-filter, use the SPF Perl module:
use Mail::SPF::Query;
Within filter_sender() I do a call like this to my own function
spf_query() (see below):
# Query for SPF information with guess mode off
my ($result, $smtp_comment, $header_comment, $spf_record) =
spf_query ($ip, $sender, $helo, 0);
# If SPF says this sender is not coming from an authorized MTA,
# then reject it.
if ($result eq "fail") {
md_syslog ('info', "Received-SPF: $result ($header_comment) " .
"$spf_record, Helo=$helo");
return('REJECT', "Access Denied (SPF) [$smtp_comment], " .
"Relay=$hostname [$ip], Helo=$helo");
}
And here's spf_query():
sub spf_query ($$$$) {
my ($ip, $sender, $helo, $guess) = @_;
# The guess parameter needs to be set to either 0 or 1.
if ($guess != 1) {
$guess = 0;
}
# Check this sender against any SPF or Caller-ID records
# that might be available.
my $query = new Mail::SPF::Query ( ip => $ip,
sender => $sender,
helo => $helo,
guess => $guess,
callerid => {
"*." => {
check => 1 } }
);
my ($result, $smtp_comment, $header_comment, $spf_record) =
$query->result();
return ($result, $smtp_comment, $header_comment, $spf_record);
}
More information about the MIMEDefang
mailing list