spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Unified SPF policy daemon and constructing a personal whitelist: bugfix

2004-09-09 19:53:37
from [Meng Weng Wong] [Permanent Link] 
On Thu, Sep 09, 2004 at 10:37:51PM -0400, Meng Weng Wong wrote:
| 
|   # if none of the identities passed the policy test, reject with a friendly 
message.
|   my @policy_passed_identities = grep { 
$identity_results{$_}->{policy_result} eq "PASS" } @IDENTITIES;
|   if (not @policy_passed_identities) {
|     return "REJECT agupimail recognized your @policy_passed_identities, but 
was unable to authenticate you because your mail was not transmitted over an 
authenticated channel.  Please consider publishing an SPF record for those 
identities.";
|     # TODO: in the future, defer this rejection until we've had a chance to 
examine the message body for a crypto sig.
|   }

sorry, that should be         if (@policy_passed_identities)

other bugs may lurk, eyeballs welcome.

anyway, here's what shows up in my syslog:

 Attribute: client_address=204.74.68.55
 Attribute: client_name=zorac.sf-bay.org
 Attribute: extra_arg=
 Attribute: helo_name=shell.sf-bay.org
 Attribute: instance=004b33.0041411510.000000
 Attribute: protocol_name=ESMTP
 Attribute: protocol_state=RCPT
 Attribute: queue_id=
 Attribute: recipient=mengwong(_at_)spf(_dot_)pobox(_dot_)com
 Attribute: request=smtpd_access_policy
 Attribute: sender=mengwong(_at_)zorac(_dot_)sf-bay(_dot_)org
 Attribute: size=0

 testing: stripped sender=mengwong(_at_)zorac(_dot_)sf-bay(_dot_)org, stripped 
rcpt=mengwong(_at_)spf(_dot_)pobox(_dot_)com

 karma_query(ptr:zorac.sf-bay.org): querying 
zorac.sf-bay.org.rating.cloudmark.com...
 karma_query(ptr:zorac.sf-bay.org): querying 
zorac.sf-bay.org.wl.trusted-forwarder.org...
 karma_query(ptr:zorac.sf-bay.org): querying 
zorac.sf-bay.org.dnswl.mengwong.com...
 agupimail policy_status for ptr identity zorac.sf-bay.org returned PASS: 
zorac.sf-bay.org found in dnswl.mengwong.com
 agupimail now going to look for auth_status...
 ptr_status: testing zorac.sf-bay.org
 pass: spf/PTR smtp_comment=Please see 
http://spf.pobox.com/why.html?sender=zorac.sf-bay.org&ip=204.74.68.55&receiver=dumbo.pobox.com:
 zorac.sf-bay.org A 204.74.68.55, header_comment=dumbo.pobox.com: domain of 
zorac.sf-bay.org designates 204.74.68.55 as permitted sender
 agupimail auth_result for ptr identity zorac.sf-bay.org is PASS
 agupimail overall: decided action=PREPEND X-SPF: agupimail approved of 
authenticated sender (dumbo.pobox.com: domain of zorac.sf-bay.org designates 
204.74.68.55 as permitted sender; zorac.sf-bay.org found in dnswl.mengwong.com)

so it looks like it's working as designed.

now i wait for spam to try to get in to
mengwong(_at_)spf(_dot_)pobox(_dot_)com ...
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Unified SPF policy daemon and constructing a personal whitelist, Meng Weng Wong
Next by Date:  agupimail: examples of various return codes, Meng Weng Wong
Previous by Thread:  Unified SPF policy daemon and constructing a personal whitelist, Meng Weng Wong
Next by Thread:  agupimail: examples of various return codes, Meng Weng Wong
Indexes:  [Date] [Thread] [Top] [All Lists]