Neil Harkins <nharkins(_at_)well(_dot_)com> writes:
On Sat, 9 Jul 2005, Rob MacGregor wrote:
On 08/07/05, Neil Harkins <nharkins(_at_)well(_dot_)com> wrote:
Hi. I used fetchmail for a few projects over the past 10 years,
and was curious how it deals with SPF (Sender Policy Framework,
http://spf.pobox.com).
Given that it pre-dates it, I'd say not at all :-)
sendmail predates SPF, yet it can support SPF.
fetchmail is a tool, with maintainers, that has added
new features to be compatible with new standards.
Do did sendmail.
Ultimately, mail aggregation like fetchmail is the main
problem with SPF. I started the thread to see if any thought
has been given towards making it work, instead of ignoring
what is an otherwise admirable anti-spam effort.
I don't have interest in SPF: it is permanently getting in my way, and
several common and prominent problems such as mail forwarding haven't
been solved yet. SPF creates more problems than it solves.
If --mda gets around it with most mailers, then
it certainly seems like something worth mentioning
in the documentation.
--mda is weakly supported and has certain restrictions. For instance, in
multidrop mode, the MDA must be able to deliver the message to several
recipients (no MDA I know does this), --mda mode cannot bounce
undeliverable mail and so on.
You CAN however try to use the sendmail command (or compatibility
wrapper of Postfix's for instance) to carry the mail forward,
documentation in the manual page, and it must be followed literally, and
certainly not in multidrop configurations. At least bouncing would then
work in some more cases (although not in all, unless you use the
original BSD sendmail 8.12 or 8.13 or whatever is current now).
I'm asking if that precedence can be *configured* in the conf,
No precedence, the mda-option is final and disables SMTP.
Adding to what others have said, you may want to configure your system
such that connections on the loopback interface are exempt from SPF
checks. That should solve the problem.
Yes, in most cases that would work, however some may use fetchmail
from a shell account where they don't have root.
Then you'll have to use the mda option and replace the envelope sender.
--
Matthias Andree