Hi.I'm quite new to postfix and it's policy framework but I wanted to learn more about it. I thought a good way to learn about policy frameworks/services would be to read the docs and write a simple script that performs a SPF check on incoming emails.
A snippet from the script/attempt where the response to postfix would be to add some headers that the client can work with later on:
sys.stdout.write(f"action=PREPEND X-Spam-Category: SPAM\n") sys.stdout.write(f"action=PREPEND X-SPF-STATUS: TempError\n") sys.stdout.write(f"action=PREPEND X-Spam-Score: 300\n")I would have assumed that the above code would add 3 separate headers to the email, but only the first one gets added.
Someone had a similar issue: https://list.postfix.users.narkive.com/kflzOJCi/policy-server-multiple-actions And I've read up on the man pages as many times as I can but I do not get any wiser from one statement in particular:
> When more than one PREPEND action executes, the first prepended header > appears before the second etc. prepended header. This indicates to me that this should be possible.I also tried some of the suggestions in the thread, which were to separate with comma in various configurations:
sys.stdout.write(f"action=PREPEND X-Spam-Category: SPAM, action=PREPEND X-SPF-STATUS: TempError\n\n") sys.stdout.write(f"action=PREPEND X-Spam-Category: SPAM, PREPEND X-SPF-STATUS: TempError\n\n") sys.stdout.write(f"action=PREPEND X-Spam-Category: SPAM, X-SPF-STATUS: TempError\n\n")
I'm obviously missing something as they are not prepended after each other. Here's one example email with headers of a failed attempt: Return-Path: <anton@invalid-domain> X-Original-To: an...@ok-domain.com Delivered-To: an...@ok-domain.comX-Spam-Category: SPAM,PREPEND X-SPF-STATUS: TempError,PREPEND X-Spam-Score: 300
Message-Id: <20230619141333.9f8cd20...@ok-domain.com> Date: Mon, 19 Jun 2023 16:13:33 +0200 (CEST) From: anton@invalid-domain test mail My master.cf has the following entry: policy-spf unix - n n - 0 spawn user=nobody argv=spfcheck sender And main.cf has the following: smtpd_recipient_restrictions = permit_sasl_authenticated reject_unauth_destination check_policy_service unix:private/policy-spfThe script executes but I just don't get how I would go about add multiple headers without having to reconfigure postfix to use classes. Mainly for the learning experience of working with external policy agents, but also because I'm mostly comfortable with writing applications.
I've been searching around for some decent examples but I keep getting back to https://launchpad.net/spf-engine which only adds one header and the access (5) manpage.
Any pointers in any direction would be greatly appreciated! //Anton
OpenPGP_0x5FBBB32941E3740A.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
