Hello,

I wrote a little patch for the SPF plugin to detect domains authenticating any IP by SPF.
Usage:

local.cf
  header SPF_PASS_PLUSALL                 eval:check_for_spf_pass_plusall()
  header SPF_HELO_PASS_PLUSALL            eval:check_for_spf_helo_pass_plusall()
  describe SPF_PASS_PLUSALL               SPF: SPF record allow any sender
  describe SPF_HELO_PASS_PLUSALL          SPF: SPF record allow any HELO
  lang de describe SPF_PASS_PLUSALL       SPF: SPF-Datensatz erlaubt beliebige Senderechner
  lang de describe SPF_HELO_PASS_PLUSALL  SPF: SPF-Datensatz erlaubt beliebige HELO-Namen
  score SPF_PASS_PLUSALL                  0.001
  score SPF_HELO_PASS_PLUSALL             0.001

Unfortunately I found also domains not really sending spam use "+all" ¹)
Any comments?

Andreas


¹) https://listi.jpberlin.de/pipermail/postfixbuch-users/2015-April/062921.html


Index: spamassassin-3.4.0/lib/Mail/SpamAssassin/Plugin/SPF.pm
===================================================================
--- spamassassin-3.4.0.orig/lib/Mail/SpamAssassin/Plugin/SPF.pm
+++ spamassassin-3.4.0/lib/Mail/SpamAssassin/Plugin/SPF.pm
@@ -55,11 +55,13 @@ sub new {
   bless ($self, $class);
 
   $self->register_eval_rule ("check_for_spf_pass");
+  $self->register_eval_rule ("check_for_spf_pass_plusall");
   $self->register_eval_rule ("check_for_spf_neutral");
   $self->register_eval_rule ("check_for_spf_none");
   $self->register_eval_rule ("check_for_spf_fail");
   $self->register_eval_rule ("check_for_spf_softfail");
   $self->register_eval_rule ("check_for_spf_helo_pass");
+  $self->register_eval_rule ("check_for_spf_helo_pass_plusall");
   $self->register_eval_rule ("check_for_spf_helo_neutral");
   $self->register_eval_rule ("check_for_spf_helo_none");
   $self->register_eval_rule ("check_for_spf_helo_fail");
@@ -231,6 +233,12 @@ sub check_for_spf_pass {
   $scanner->{spf_pass};
 }
 
+sub check_for_spf_pass_plusall {
+  my ($self, $scanner) = @_;
+  $self->_check_spf ($scanner, 0) unless $scanner->{spf_checked};
+  $scanner->{spf_pass_plusall};
+}
+
 sub check_for_spf_neutral {
   my ($self, $scanner) = @_;
   $self->_check_spf ($scanner, 0) unless $scanner->{spf_checked};
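Review bot: `check_for_spf_pass_plusall` (and `check_for_spf_helo_pass_plusall` in the following hunk) has no comment stating what a true result means, and the name alone does not say that the flag is set only when a pass is attributed to the `all` mechanism. A one-line header such as `# true if SPF passed because the record's 'all' mechanism matched, i.e. the domain authorizes any sending IP` would make the contract clear to rule writers, who might otherwise treat it as a general pass variant. An explicit `return $scanner->{spf_pass_plusall};` would read more clearly than the implicit last-expression return, although the neighbouring subs visible in this hunk use the same implicit form.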
@@ -264,6 +272,12 @@ sub check_for_spf_helo_pass {
   $scanner->{spf_helo_pass};
 }
 
+sub check_for_spf_helo_pass_plusall {
+  my ($self, $scanner) = @_;
+  $self->_check_spf ($scanner, 1) unless $scanner->{spf_helo_checked};
+  $scanner->{spf_helo_pass_plusall};
+}
+
 sub check_for_spf_helo_neutral {
   my ($self, $scanner) = @_;
   $self->_check_spf ($scanner, 1) unless $scanner->{spf_helo_checked};
@@ -377,6 +391,7 @@ sub _check_spf {
 	  # we'd set these if we actually did the check
 	  $scanner->{"spf_${identity}checked"} = 1;
 	  $scanner->{"spf_${identity}pass"} = 0;
+	  $scanner->{"spf_${identity}pass_plusall"} = 0;
 	  $scanner->{"spf_${identity}neutral"} = 0;
 	  $scanner->{"spf_${identity}none"} = 0;
 	  $scanner->{"spf_${identity}fail"} = 0;
@@ -426,6 +441,7 @@ sub _check_spf {
           # we'd set these if we actually did the check
           $scanner->{"spf_${identity}checked"} = 1;
           $scanner->{"spf_${identity}pass"} = 0;
+          $scanner->{"spf_${identity}pass_plusall"} = 0;
           $scanner->{"spf_${identity}neutral"} = 0;
           $scanner->{"spf_${identity}none"} = 0;
           $scanner->{"spf_${identity}fail"} = 0;
@@ -520,6 +536,7 @@ sub _check_spf {
     # SPF HELO-checking variant
     $scanner->{spf_helo_checked} = 1;
     $scanner->{spf_helo_pass} = 0;
+    $scanner->{spf_helo_pass_plusall} = 0;
     $scanner->{spf_helo_neutral} = 0;
     $scanner->{spf_helo_none} = 0;
     $scanner->{spf_helo_fail} = 0;
@@ -529,6 +546,7 @@ sub _check_spf {
     # SPF on envelope sender (where possible)
     $scanner->{spf_checked} = 1;
     $scanner->{spf_pass} = 0;
+    $scanner->{spf_pass_plusall} = 0;
     $scanner->{spf_neutral} = 0;
     $scanner->{spf_none} = 0;
     $scanner->{spf_fail} = 0;
@@ -674,7 +692,10 @@ sub _check_spf {
   $text =~ s/\s+/ /gs;		# no newlines please
 
   if ($ishelo) {
-    if ($result eq 'pass') { $scanner->{spf_helo_pass} = 1; }
+    if ($result eq 'pass') {
+      $scanner->{spf_helo_pass} = 1;
+      $scanner->{spf_helo_pass_plusall} = 1 if $text =~ /\'all\' matched/;
+    }
     elsif ($result eq 'neutral') { $scanner->{spf_helo_neutral} = 1; }
     elsif ($result eq 'none') { $scanner->{spf_helo_none} = 1; }
     elsif ($result eq 'fail') { $scanner->{spf_helo_fail} = 1; }
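Review bot: The added `... = 1 if $text =~ /\'all\' matched/;` line, here and again in the envelope-sender branch of the next hunk, derives the flag from a human-readable explanation string, so the rule silently stops firing if the SPF backend words that text differently. Where `$text` is assigned lies outside this hunk, so which backends produce this wording cannot be confirmed from here. I would compute it once before `if ($ishelo) {` as `my $plusall = $result eq 'pass' && $text =~ /'all' matched/;` (the quotes need no backslash) and set each flag with `... = 1 if $plusall;`, under a comment like `# pass via a bare 'all' mechanism: the record authorizes every sending IP`. A regression test against a `v=spf1 +all` record would catch a wording change in the library before the detection quietly goes dark. `_check_spf` starts and ends outside the hunk.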
@@ -684,7 +705,10 @@ sub _check_spf {
       $scanner->{spf_helo_failure_comment} = "SPF failed: $comment";
     }
   } else {
-    if ($result eq 'pass') { $scanner->{spf_pass} = 1; }
+    if ($result eq 'pass') {
+      $scanner->{spf_pass} = 1;
+      $scanner->{spf_pass_plusall} = 1 if $text =~ /\'all\' matched/;
+    }
     elsif ($result eq 'neutral') { $scanner->{spf_neutral} = 1; }
     elsif ($result eq 'none') { $scanner->{spf_none} = 1; }
     elsif ($result eq 'fail') { $scanner->{spf_fail} = 1; }
