On Wednesday, April 06, 2016 09:31:24 AM jaso...@mail-central.com wrote: > Since pypolicyd-spf has been causing me lots of problems (upstream is > helping on it at launchpad), I decided to look for a more reliable > alternative just in case. > > The Postfix Add-Ons page (http://www.postfix.org/addon.html) says > > Note: Postfix already ships with SPF support, in the form of a plug-in > policy daemon. This is the preferred integration model, at least until SPF > is mandated by standards. > > Looking for that at > > Postfix feature overview > http://www.postfix.org/features.html > > Main features > Junk mail control > ... > Postfix 2.1 SPF plug-in > > Which takes you to > > http://www.postfix.org/SMTPD_POLICY_README.html > > where the only mention of SPF is > > Another example of policy delegation is the SPF policy server at > http://www.openspf.org/Software. > > Visiting > > http://www.openspf.org/Software > > re-points to > > This package has moved to https://launchpad.net/pypolicyd-spf/ > > which is obviously ADD-ON software. > > Unless I missed it, neither openspf nor pypolicyd is even mentioned at > http://www.postfix.org/addon.html. > > This is a pretty confusing runaround through the docs :-( > > IS pypolicyd-spf the SPF support that Postfix supposedly already ships with? > > Or is it something else?
It's complicated. Back in 2004/5 when SPF was first being developed, there were third party patches to postfix developed for SPF. The policy interface as introduced in postfix2.1 to allow, among other things, SPF checks to be done without patching postfix. At that time, the postfix source included a sample policy server (written in perl) to do that along with some others to do other things like greylisting. Somewhat later, I improved the sample and rather than periodically updating the version postfix was shipping, the pointer to http://www.openspf.org/Software was added in it's place and for many years the source was hosted there. Later I wanted things like a bug tracker and a modern version control system so I moved it to https://launchpad.net/postfix-policyd-spf-perl (the python implementation was never shipped with postfix - I started it because what I wanted to do with an SPF policy server far outstripped my limited Perl skills). Postfix, today, ships an interface that allows SPF checking. You can also, as someone else mentioned, use milters (the milter interface wasn't introduced until postfix 2.3). It doesn't directly ship the plug in needed to do the check. pypolicyd-spf is a more advanced descendant of the one that postfix did used to ship. There are many others. The most important thing is that people shouldn't be trying to use direct patches to postfix that are over a decade old, designed for postfix about a dozen releases ago, and don't even support the experimental RFC (RFC 4408) version of SPF, let alone the standards track RFC (RFC 7208). People still do though and they should stop. Scott K
