Package: spfmilter
Version: 1.99+0.97-1
Severity: grave
Justification: causes data loss and violates a MUST directive of RFC2821
Here's a diff between a two otherwise identical messages (IDs and dates
replaced with constants for easy diffing), one with spfmilter disabled,
the other with enabled.
Are you seeing any found possible spoofed header messages in your
syslog (facility mail, level notice)? Looking through the source code,
it doesn't appear that spfmilter even attempts to delete other
Received-SPF headers unless it detects ones it thinks are spoofed, and
even when it does decide to
2 matches
Mail list logo
