[Mimedefang] Integrating SPF...

Keith Patton kpatton at dallas.photronics.com
Tue Mar 29 16:34:46 EST 2005 

David F. Skoll wrote:

>John Von Essen wrote:
>
>  
>
>>I was wondering if SA or MD have integrated this feature for anti-spam
>>purposes.
>>    
>>
>
>I believe the latest SA releases incorporate SPF.  We support SPF
>in CanIt using the Mail::SPF::Query perl module from CPAN.  It's
>very easy to use; should only take a few minutes to integrate with
>MIMEDefang.
>
>Regards,
>
>David.
>_______________________________________________
>Visit http://www.mimedefang.org and http://www.canit.ca
>MIMEDefang mailing list
>MIMEDefang at lists.roaringpenguin.com
>http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
>  
>
I have it integrated..spamassassin only scores it, and if the mail was 
in violation I wanted an immediate reject.

David, you may wish to include this procedure in mimedefang.pl

-Keith

mimedefang-filter

Add this procedure....
#**********************************************************************
#  %PROCEDURE: spf_query

sub spf_query ($$$$) {

        my ($ip, $sender, $helo, $guess) = @_;

        # The guess parameter needs to be set to either 0 or 1.
        if ($guess != 1) {
                $guess = 0;
        }

        # Check this sender against any SPF or Caller-ID records
        # that might be available.
        my $query = new Mail::SPF::Query ( ip           => $ip,
                                           sender       => $sender,
                                           helo         => $helo,
                                           guess        => $guess,
                                           callerid     => {
                                                "*."    => {
                                                check   => 1 } }
        );

        my ($result, $smtp_comment, $header_comment, $spf_record) =
                $query->result();

        return ($result, $smtp_comment, $header_comment, $spf_record);
}

***********************************************************************


Then in   filter_sender

.........

# Query for SPF information with guess mode off
        my ($result, $smtp_comment, $header_comment, $spf_record) =
                spf_query ($ip, $sender, $helo, 0);

        # If SPF says this sender is not coming from an authorized MTA,
        # then reject it.
        if ($result eq "fail") {
           md_syslog ('info', "Received-SPF: $result ($header_comment) " .
                "$spf_record, Helo=$helo");
           return('REJECT', "Access Denied (SPF) [$smtp_comment], " .
                "Relay=$hostname [$ip], Helo=$helo");
            } else {
           return ('CONTINUE', "ok");
           }

.......

More information about the MIMEDefang mailing list