This projects is not for normal email delivery but an esoteric use not usually associated with email - can't really divulge more but I'm starting to see no easy solution. There are spf scripts that can run against files separately from the stuff built into spam assassin and postfix/exim etc. On Jun 26, 2016 7:57 PM, <li...@lazygranch.com> wrote:
> Well maybe. If your client supports extra folders per each mailbox and > you can access those folders, then yes. Most clients do have such folders, > but the are designed to be used with "filters" built in the client. The > filters probably aren't sophisticated enough to check DKIM or SPF, which is > why plugins are used. > > While readers of this list think filtering out email that fails ID is a > great idea, the general public just wants the email to be delivered. > > I don't use Gmail, but I understand Google has implemented or is working > on implementing a notification for email that fails DKIM and SPF. I would > be interesting to get some stats on email passing both DKIM, each > individually, or none at all. > > When I suggested a plugin for CLAWS email client to check DKIM and SPF, > the silence was deafening. > Original Message > From: Chip > Sent: Sunday, June 26, 2016 4:41 PM > To: postfix-users@postfix.org > Reply To: jeffsch...@gmail.com > Subject: Re: DKIM/SPF failure to folder, not return to sender and other > tricks > > Thanks, > > So it just may be easier to deliver all messages to a folder then have a > cron job run some spf/dkim checking script against the emails. > > On 06/26/2016 05:53 PM, Bill Cole wrote: > > On 26 Jun 2016, at 16:44, Chip wrote: > > > >> I'm wondering if Postfix can do the following easily. > > > > Nope, not *easily*. > > > >> It's a real dog to get this setup in Exim. > > > > Or Sendmail, or probably ANY MTA that isn't tightly integrated to > > robust local delivery, mailstore, and mail access subsystems OR which > > has a sophisticated flexible mechanism for arbitrary policy definition > > and enforcement. So I guess if you wrote cf-ese by hand it might be a > > cinch in Sendmail... But anyway: this is *out of scope* for a pure MTA. > > > > [details elided] > > > >> In other words, a database or text list of emails with corresponding > >> acceptable senders needs to be maintained and referenced for each > >> user, I believe, unless a guru here can tell me how to get the flow > >> properly. > > > > To do this with Postfix, you need some sort of external program. The > > traditional Postfix mechanism would be a policy daemon. In modern > > Postfix you could do it in a milter such as MIMEDefang which provides > > a framework for you to create and enforce any policy that you can > > express in Perl. (which is easier than cf-ese, really...) > > > > Within Postfix proper, I suppose you could hypothetically do this with > > restriction classes, but those don't scale well. If you had something > > checking and tagging messages for SPF & DKIM authentication in Postfix > > (e.g. any mechanism that hooks to SpamAssassin or specialized tools) > > you could then do delivery via LMTP to something like Dovecot with its > > Pigeonhole add-on and have all your per-user rules in Sieve rules. > > > > In short: there are many different ways to skin this cat, but they all > > include the unpleasantry of skinning a cat. Ick. > > > >
