spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

ANNOUNCE sendmail-milter-spf version 1.40

2004-03-27 03:43:00
from [Mark] [Permanent Link] 
I am glad to announce a new release of spf-milter:

    sendmail-milter-spf-1.40

The major highlights of this release are:

* New feature: spf-milter is now fully SRS compliant. That is, it is
  'stand-alone' capable of handling SRS0/SRS1 recipients.

* New feature: Fake DSN detection (optional). A new option, -S, puts
  spf-milter in "fake DSN detection" mode. Based on SRS-signed DSN
  recipients, spf-milter will be able to detect, and REJECT, forged
  bounces.

* New feature: STARTTLS authentication support.

* New feature: SRS1 forwarding (optional). A new option, -r, determines
  whether you will relay non-locally resolving SRS0 addresses (reversed
  from SRS1).

* Behavioral change: replaced text:

      "Need HELO before MAIL"

  With the string sendmail pops out itself these days:

      "Polite people say HELO first"

* Behavioral change: replaced 'spf_header_comment' comment for
  authenticated users:

      "domain of <domain> designates <ip> as SASL permitted sender"

  With:

      "<ip> is authenticated by a trusted mechanism"

  This to include STARTTLS authentication.

* Bug fix: replaced SMFIS_TEMPFAIL text:

      "An error occurred during SPF processing of <from>.
      Please try again later"

  With:

      "$priv_data->{'spf_smtp_comment'}"

* Bug fix: keep 'is_authenticated' on RSET; during an entire
  session, the connection should remain authenticated (unless a
  new HELO sounds the possible start of a new STARTTLS session).


I added a new section to the "sendmail-milter-INSTALL.txt" doc:

    "4. SRS AND FAKE DSN DETECTION"

I strongly suggest you read this first before venturing into the -S option.
spf-milter itself is heavily documented too. It would not hurt looking at
that, either.

Also, when reading the "sendmail-milter-INSTALL.txt" doc, be aware that you
need to add a new line to your site.config.m4:

    define(`confMILTER_MACROS_HELO', confMILTER_MACROS_HELO`, {verify}')dnl

Failure to incorporate this line will not result in error (the 'verify'
macro simply remains undefined to spf-milter), but it will prevent
spf-milter bypass on STARTTLS authenticated senders.

Cheers,

- Mark

        System Administrator Asarian-host.org

---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx

-------
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-devel(_at_)v2(_dot_)listbox(_dot_)com

Attachment: sendmail-milter-spf-1.40.pl
Description: Binary data

Attachment: sendmail-milter-INSTALL.txt
Description: Text document

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: SPF and SMTP 551/251 result codes., David Woodhouse
Next by Date:  Re: ANNOUNCE sendmail-milter-spf version 1.40, David Woodhouse
Previous by Thread:  ANNOUNCE libspf-alt version 0.3, wayne
Next by Thread:  Re: ANNOUNCE sendmail-milter-spf version 1.40, David Woodhouse
Indexes:  [Date] [Thread] [Top] [All Lists]