[Top] [All Lists]

[clear] pyCSV

2005-08-19 10:13:21
At 12:38 AM 8/19/2005 -0700, Matthew Elvey wrote:


I think we should not adopt the same result code nomenclature as SPF, but 
rather something else, as SPF is a mishmash of path-based and 
point-to-point stuff means that the quality of the labels is very 
different from (and better than) those of SPF. How 'bout CSVpass, CSVfail, 
CSVneutral, and tempfail? It would be good to put such nomenclature in the 
specs, IMO.  The server configuration file would then map these to SMTP 
return codes.

Does 'neutral' include both:
1) No CSV records.
2) CSV records are explicitly neutral (weight=3).

Does 'tempfail' include both:
1) A timeout requiring no human intervention, just try again in a few minutes.
2) Some other error (misconfigured nameservers, unplugged router, etc.)

Seems to me if CSV is going to standardize a set of result keywords, you 
would want as many as there are distinct results.  It is much easier to 
combine two results into one action than parse an explanation string to 
decide if a DNSError is a tempfail or some other error.  I would split 
'neutral' into 'none' and 'neutral', and split 'tempfail' into 'tempfail' 
and 'error'.

Som add'l comments:
This is pyCSA, not pyCSV (at least not yet).  CSV=CSA+DNA. CSA Record -> 
ACCEPT (or CSVpass) is not quite right. DNA still needs to be checked.

If the CSV folks can provide a pyCSA exactly like they want it (edit my 
script if you like) or give me some agreed-on update to the spec, I will 
write a wrapper to generate my desired actions.

     result, SMTP_code, explanation = csa(IP, HELO)  # This is the part I need.

     if result == 'error':  # errors are different than tempfails

     SMTP_reply = (SMTP_code, '', explanation)
     header = {'label': 'Authent:', 'text': '%s %s CSV1 %s' % (IP, HELO, 
result) }

     if result == 'pass':
         return ('ACCEPT', SMTP_reply, header)
     elif result in ('neutral', 'none'):  # lump two results into one action.
         return ('FILTER', SMTP_reply, header)
     elif result == 'fail':
         return ('REJECT', SMTP_reply, header)
     elif result in ('error', 'tempfail'):
         return ('TEMPFAIL', SMTP_reply, header)
         raise ValueError, 'Unrecognized result from CSA check'

Note: Other possible actions are 'CONTINUE' and 'DISCARD'.  CONTINUE is 
used when the result is inconclusive, and there are other methods to be 
tried that are not yet integrated into this script.  DISCARD is used for 
known spammers.  It means REJECT with no SMTP_reply - not the way I would 
do it, but some admins want it, and Sendmail offers it.

************************************************************     *
* David MacQuigg, PhD     email: david_macquigg at     *  *
* IC Design Engineer            phone:  USA 520-721-4583      *  *  *
* Analog Design Methodologies                                 *  *  *
*                                 9320 East Mikelyn Lane       * * *
* VRS Consulting, P.C.            Tucson, Arizona 85710          *
************************************************************     *

<Prev in Thread] Current Thread [Next in Thread>