On Wed, Jan 12, 2005 at 03:13:29PM -0800,
Greg Connor <gconnor(_at_)nekodojo(_dot_)org> wrote
a message of 47 lines which said:
So, while we are on the subject of Received: lines, has anyone out
there created tools to take apart the Received: lines and to do SPF
after the fact?
Please read the thread "using received headers to determine sending
mta" to be sure you know the limits of the exercice.
I use procmail. In a procmailrc, I add:
:0fwh
# If the message is from the outside
* ^Received:.*from mx([0-9]+)\.nic.fr
| formail -A "Received-SPF: on `hostname`:
SPF-`/usr/local/bin/spf-for-procmail`"
and the script spf-for-procmail, which uses the Perl module
Mail::SPF::Query, is:
#!/bin/sh
# Most recent trusted Received header. The value is 2 by default (1
# for fetchmail and one for the ISP) but it can be more if there is a
# complicated mail setup with several servers.
TRUSTED_RECEIVED=2
HEADERS_FILE=`mktemp`
cat - > $HEADERS_FILE
LAST_RECEIVED=`cat $HEADERS_FILE | formail -c -x Received |
head -$TRUSTED_RECEIVED | tail -1`
# The regexp depends on the
SMTP
# server
# vvvvvvvvvvvvvvvvvvv
LAST_SMTP_SENDER=`echo $LAST_RECEIVED | perl -ne 'm/\[([0-9\.]+)\]\) +by/;
print $1'`
HELO_HOST=`echo $LAST_RECEIVED | perl -ne 'm/^ *from +([a-zA-Z0-9\.\-]+)/;
print $1'`
SENDER=`cat $HEADERS_FILE | formail -c -x Return-Path`
rm $HEADERS_FILE
RESULT=`echo "$LAST_SMTP_SENDER $SENDER $HELO_HOST" | spfquery -f -`
echo $RESULT