Re: [policyd-users] "Add SPF Header" problem

Mon, 10 Oct 2011 08:18:56 -0700 

On 10/09/11 16:03, Hieronim Sokolski wrote:
> Hello all,

Hi,

>
> ----- Oryginalna wiadomość -----
>> Od: "Nigel Kukard" <[email protected]>
>> Do: [email protected]
>> Wysłane: wtorek, 6 wrzesień 2011 23:21:27
>> Temat: Re: [policyd-users] "Add SPF Header" problem
>> The postfix delegation protocol has 1 return result per message,
>> checking the code the SPF header is not added if the message passes
>> SPF
>> , only if it does not pass.
> I have similiar problem: if Greylisting and CheckSPF modules are both used in 
> incoming policy, and SPF is set to add header only, no reject, header is not 
> set instead of hard SPF fail.
>
> This is second try, so the pretender passes greylisting:
>
> Oct  9 17:29:47 cbhost postfix/smtpd[3591]: connect from 
> fakehost[xxx.xxx.xxx.xxx]
> Oct  9 17:30:14 cbhost cbpolicyd[3498]: module=CheckSPF, action=add_header, 
> host=xxx.xxx.xxx.xxx, helo=fakehost, from=root@fakedomain, to=me@mydomain, 
> reason=spf_fail
> Oct  9 17:30:14 cbhost cbpolicyd[3498]: module=Greylisting, action=pass, 
> host=xxx.xxx.xxx.xxx, helo=fakehost, from=root@fakedomain, to=me@mydomain, 
> reason=authenticated
>
> received message has no SPF header.

Only 1 verdict can be returned .... I'll look into if "pass" is maybe
overwriting "add_header".

Maybe better behavior would be that add_header supersedes pass as a
verdict, but any failure or anything else supersedes that... hrmm.

> Then Greylisting check goes disabled:
>
> Oct  9 17:31:41 cbhost postfix/smtpd[3591]: connect from 
> fakehost[xxx.xxx.xxx.xxx]
> Oct  9 17:32:07 cbhost cbpolicyd[3480]: module=CheckSPF, action=add_header, 
> host=xxx.xxx.xxx.xxx, helo=fakehost, from=root@fakedomain, to=me@mydomain, 
> reason=spf_fail
>
> and message has Received-SPF: header with full details.
>
> Am I doing something wrong, or this is a bug? I have noticed this behaviour 
> in cbpolicyd 2.0.10 - the one shipped with Zimbra 7 - but today I have 
> installed the newest version from git and I have exactly the same results.
>
> Thanks in advance for explaining what should I do to get greylisting working 
> and SPF tagging all messages.
>

Regards
Nigel

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Users mailing list
[email protected]
http://lists.policyd.org/mailman/listinfo/users

Reply via email to