spf-discuss

questions about postfix implementation

2004-03-28 19:09:18
Okay so I've implemented the policy-spf perl script into postfix
2.0.19-20040312 and it's working as far as it goes. I've also added the
spf entries to dns domains I send mail from. I now have questions about
what I am seeing and questions about how to get the policy-spf perl
script to do more than just spew nice entries into my maillog. :-)

Here is the log from a typical spam attempt (it even includes a limp
wristed HELO using an ip instead of a name):

Mar 29 02:01:23 varmint postfix/smtpd[20792]: connect from unknown[211.55.5.60]
Mar 29 02:01:26 varmint postfix/policy-spf[20795]: Attribute: client_address=211.55.5.60
Mar 29 02:01:26 varmint postfix/policy-spf[20795]: Attribute: client_name=unknown
Mar 29 02:01:26 varmint postfix/policy-spf[20795]: Attribute: helo_name=24.172.57.2
Mar 29 02:01:26 varmint postfix/policy-spf[20795]: Attribute: protocol_name=SMTP
Mar 29 02:01:26 varmint postfix/policy-spf[20795]: Attribute: protocol_state=RCPT
Mar 29 02:01:26 varmint postfix/policy-spf[20795]: Attribute: queue_id=
Mar 29 02:01:26 varmint postfix/policy-spf[20795]: Attribute: recipient=apache(_at_)moongroup(_dot_)com
Mar 29 02:01:26 varmint postfix/policy-spf[20795]: Attribute: request=smtpd_access_policy
Mar 29 02:01:26 varmint postfix/policy-spf[20795]: Attribute: sender=onwgk(_at_)email(_dot_)com
Mar 29 02:01:26 varmint postfix/policy-spf[20795]: : testing: stripped sender=onwgk(_at_)email(_dot_)com, stripped rcpt=apache(_at_)moongroup(_dot_)com
Mar 29 02:01:26 varmint postfix/policy-spf[20795]: handler testing: DUNNO
Mar 29 02:01:26 varmint postfix/policy-spf[20795]: decided action=DUNNO
Mar 29 02:01:26 varmint postfix/smtpd[20792]: NOQUEUE: reject: RCPT from unknown[211.55.5.60]: 554 Service unavailable; Client host [211.55.5.60] blocked using cn-kr.blackholes.us; Korea blocked by cn-kr.blackholes.us; from=<onwgk(_at_)email(_dot_)com> to=<apache(_at_)moongroup(_dot_)com> proto=SMTP helo=<24.172.57.2>

So the filter said "DUNNO". Should it have?

Here is an entry showing mail sent between two hosts that I own (both of
which have spf entries for their dns):

Mar 29 01:48:27 varmint postfix/smtpd[20656]: connect from dbguin.lunar-linux.org[24.172.57.4]
Mar 29 01:48:27 varmint postfix/policy-spf[20658]: Attribute: client_address=24.172.57.4
Mar 29 01:48:27 varmint postfix/policy-spf[20658]: Attribute: client_name=dbguin.lunar-linux.org
Mar 29 01:48:27 varmint postfix/policy-spf[20658]: Attribute: helo_name=dbguin.lunar-linux.org
Mar 29 01:48:27 varmint postfix/policy-spf[20658]: Attribute: protocol_name=ESMTP
Mar 29 01:48:27 varmint postfix/policy-spf[20658]: Attribute: protocol_state=RCPT
Mar 29 01:48:27 varmint postfix/policy-spf[20658]: Attribute: queue_id=
Mar 29 01:48:28 varmint postfix/policy-spf[20658]: Attribute: recipient=csm+nospam(_at_)moongroup(_dot_)com
Mar 29 01:48:28 varmint postfix/policy-spf[20658]: Attribute: request=smtpd_access_policy
Mar 29 01:48:28 varmint postfix/policy-spf[20658]: Attribute: sender=csm+nospam(_at_)lunar-linux(_dot_)org
Mar 29 01:48:28 varmint postfix/policy-spf[20658]: : testing: stripped sender=csm+nospam(_at_)lunar-linux(_dot_)org, stripped rcpt=csm+nospam(_at_)moongroup(_dot_)com
Mar 29 01:48:28 varmint postfix/policy-spf[20658]: handler testing: DUNNO
Mar 29 01:48:28 varmint postfix/policy-spf[20658]: decided action=DUNNO

Now why is it saying "DUNNO" here? This seems very odd!

I have one more question... aside from logging what else can this filter
do? It seems a very useful idea and I would like to see what, if any,
more useful applications it has.

Thanx!
--
csm
Lunar Linux Project Lead
Disclaimer: "I am not a curmudgeon! No... really..."
Addendum: "Bwahahaha! Fire up the orbital mind-control lasers!"