On 2023/10/30 20:28, Peter Nicolai Mathias Hansteen via mailop wrote: > > On 30 Oct 2023, at 20:01, Michael W. Lucas via mailop <[email protected]> > wrote: > > Hi, > > Trying to not reinvent the wheel here. > > I want to create an allow list of the big providers that retry from > multiple IP addresses. (Spam from them won't be caught by > protocol-level checks like postscreen, it needs rspamd or somesuch). > > It seems that someone surely would have created a "grab the SPF > records and create a list" script, recursing the included > records. Search engines are not useful to find it, though. > > Any pointers? > > > I wrote a piece some years back about just that. > > Assuming you are running on OpenBSD or other system that has a recent-ish > OpenSMTPD, you could > use OpenSMTPD's "smtpctl spf walk"
SPF syntax allows expressing policy which can't be converted to a simple list of addresses (the policy can include further DNS lookups based on sender localpart/domain, IP address, etc). So it's not possible to produce a complete list like this. _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
