policy daemon to greylist on SPF failure?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

policy daemon to greylist on SPF failure?

Justin Piszcz
Was curious if there were any daemons out there that currently did this, or if
I should just modify the main spf checking script that openspf.org provides?

Nov 19 13:32:39 p34 postfix/policy-spf[15114]: : SPF SoftFail (Mechanism '~all'
matched): Envelope-from: [hidden email] Nov 19 13:32:39 p34
postfix/policy-spf[15114]: handler sender_policy_framework: is decisive. Nov 19
13:32:39 p34 postfix/policy-spf[15114]: : Policy action=PREPEND Received-SPF:
softfail (hsbc.co.uk: Sender is not authorized by default to use
'[hidden email]' in 'mfrom' identity, however domain is not currently
prepared for false failures (mechanism '~all' matched))
receiver=p34.internal.lan; identity=mfrom; envelope-from="[hidden email]";
helo=158550.arbollogico.net; client-ip=67.192.171.186

Reply | Threaded
Open this post in threaded view
|

Re: policy daemon to greylist on SPF failure?

Scott Kitterman-4
On Wed, 19 Nov 2008 13:44:48 -0500 (EST) Justin Piszcz
<[hidden email]> wrote:
>Was curious if there were any daemons out there that currently did this,
or if
>I should just modify the main spf checking script that openspf.org
provides?
>
I think tumgreyspf will do this. Alternatively, you could do this with
restrction classes and a separate policy server for greylisting.  The
Python policy server on openspf.org can be set up to do the SPF part pretty
easily and there is a README on integration with Postfix restriction
classes.

Scott K
Reply | Threaded
Open this post in threaded view
|

Re: policy daemon to greylist on SPF failure?

Benny Pedersen
In reply to this post by Justin Piszcz

On Wed, November 19, 2008 19:44, Justin Piszcz wrote:

> 13:32:39 p34 postfix/policy-spf[15114]: : Policy action=PREPEND Received-SPF:

change action= to greylist and have greylist class solves it without change
any code in policy-spf

smtpd_restriction_classes = greylist
greylist = check_policy_services .....

i am using it with postfwd

--
Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098