> > Pulled this out of the patch code: > 3 selects 'reject' mode, > +where incoming mail will be rejected if the SPF record says 'fail'. 4 > +selects a more stricter rejection mode, which is like 'reject' mode, > +except that incoming mail will also be rejected when the SPF record > > +says 'softfail'. > I haven't tested it, I don't even block for spf because it breaks > standard forwarding..., but the description leads me to believe that 4 > is a combination of 3 (reject mode) and 4 (softfail). > > -- > > Jason > [EMAIL PROTECTED]
Well the the patch from www.libspf.org say 0: disabled 1: enabled (only prepends headers, and only if spfheaderstate == 1) 2: REJECT: fail; ACCEPT: pass, none, softfail, error, netural, unknown; 3: REJECT: fail, softfail; ACCEPT: pass, none, error, netural, unknown; 4: REJECT: fail, softfail, neutral; ACCEPT: pass, none, error, unknown; 5: REJECT: fail, softfail, neutral, none; ACCEPT: pass, error, unknown; 6: REJECT: fail, softfail, neutral, none, error; ACCEPT: pass, unknown; 7: REJECT: fail, softfail, neutral, none, error, unknown; ACCEPT: pass; and the patch from http://www.saout.de/misc/spf/ say 0: Never do SPF lookups, don't create Received-SPF headers 1: Only create Received-SPF headers, never block 2: Use temporary errors when you have DNS lookup problems 3: Reject mails when SPF resolves to fail (deny) 4: Reject mails when SPF resolves to softfail 5: Reject mails when SPF resolves to neutral 6: Reject mails when SPF does not resolve to pass the shupp use patch from http://www.saout.de/misc/spf/ (I think) Carlos
signature.asc
Description: This is a digitally signed message part
