At 12:38 AM 8/19/2005 -0700, Matthew Elvey wrote:
...
I think we should not adopt the same result code nomenclature as SPF, but
rather something else, as SPF is a mishmash of path-based and
point-to-point stuff means that the quality of the labels is very
different from (and better than) those of SPF. How 'bout CSVpass, CSVfail,
CSVneutral, and tempfail? It would be good to put such nomenclature in the
specs, IMO. The server configuration file would then map these to SMTP
return codes.
Does 'neutral' include both:
1) No CSV records.
2) CSV records are explicitly neutral (weight=3).
Does 'tempfail' include both:
1) A timeout requiring no human intervention, just try again in a few minutes.
2) Some other error (misconfigured nameservers, unplugged router, etc.)
Seems to me if CSV is going to standardize a set of result keywords, you
would want as many as there are distinct results. It is much easier to
combine two results into one action than parse an explanation string to
decide if a DNSError is a tempfail or some other error. I would split
'neutral' into 'none' and 'neutral', and split 'tempfail' into 'tempfail'
and 'error'.
Som add'l comments:
This is pyCSA, not pyCSV (at least not yet). CSV=CSA+DNA. CSA Record ->
ACCEPT (or CSVpass) is not quite right. DNA still needs to be checked.
If the CSV folks can provide a pyCSA exactly like they want it (edit my
script if you like) or give me some agreed-on update to the spec, I will
write a wrapper to generate my desired actions.
result, SMTP_code, explanation = csa(IP, HELO) # This is the part I need.
if result == 'error': # errors are different than tempfails
notify(admin)
SMTP_reply = (SMTP_code, '', explanation)
header = {'label': 'Authent:', 'text': '%s %s CSV1 %s' % (IP, HELO,
result) }
if result == 'pass':
return ('ACCEPT', SMTP_reply, header)
elif result in ('neutral', 'none'): # lump two results into one action.
return ('FILTER', SMTP_reply, header)
elif result == 'fail':
return ('REJECT', SMTP_reply, header)
elif result in ('error', 'tempfail'):
return ('TEMPFAIL', SMTP_reply, header)
else:
raise ValueError, 'Unrecognized result from CSA check'
Note: Other possible actions are 'CONTINUE' and 'DISCARD'. CONTINUE is
used when the result is inconclusive, and there are other methods to be
tried that are not yet integrated into this script. DISCARD is used for
known spammers. It means REJECT with no SMTP_reply - not the way I would
do it, but some admins want it, and Sendmail offers it.
--
Dave
************************************************************ *
* David MacQuigg, PhD email: david_macquigg at yahoo.com * *
* IC Design Engineer phone: USA 520-721-4583 * * *
* Analog Design Methodologies * * *
* 9320 East Mikelyn Lane * * *
* VRS Consulting, P.C. Tucson, Arizona 85710 *
************************************************************ *