Re: [policyd-users] "Add SPF Header" problem

Sun, 16 Oct 2011 09:13:55 -0700 

On 10/16/11 16:04, Nigel Kukard wrote:
> On 10/10/11 15:07, Nigel Kukard wrote:
>> On 10/09/11 16:03, Hieronim Sokolski wrote:
>>> Hello all,
>> Hi,
>>
>>> ----- Oryginalna wiadomość -----
>>>> Od: "Nigel Kukard" <[email protected]>
>>>> Do: [email protected]
>>>> Wysłane: wtorek, 6 wrzesień 2011 23:21:27
>>>> Temat: Re: [policyd-users] "Add SPF Header" problem
>>>> The postfix delegation protocol has 1 return result per message,
>>>> checking the code the SPF header is not added if the message passes
>>>> SPF
>>>> , only if it does not pass.
>>> I have similiar problem: if Greylisting and CheckSPF modules are both used 
>>> in incoming policy, and SPF is set to add header only, no reject, header is 
>>> not set instead of hard SPF fail.
>>>
>>> This is second try, so the pretender passes greylisting:
>>>
>>> Oct  9 17:29:47 cbhost postfix/smtpd[3591]: connect from 
>>> fakehost[xxx.xxx.xxx.xxx]
>>> Oct  9 17:30:14 cbhost cbpolicyd[3498]: module=CheckSPF, action=add_header, 
>>> host=xxx.xxx.xxx.xxx, helo=fakehost, from=root@fakedomain, to=me@mydomain, 
>>> reason=spf_fail
>>> Oct  9 17:30:14 cbhost cbpolicyd[3498]: module=Greylisting, action=pass, 
>>> host=xxx.xxx.xxx.xxx, helo=fakehost, from=root@fakedomain, to=me@mydomain, 
>>> reason=authenticated
>>>
>>> received message has no SPF header.
>> Only 1 verdict can be returned .... I'll look into if "pass" is maybe
>> overwriting "add_header".
>>
>> Maybe better behavior would be that add_header supersedes pass as a
>> verdict, but any failure or anything else supersedes that... hrmm.
>>
>>> Then Greylisting check goes disabled:
>>>
>>> Oct  9 17:31:41 cbhost postfix/smtpd[3591]: connect from 
>>> fakehost[xxx.xxx.xxx.xxx]
>>> Oct  9 17:32:07 cbhost cbpolicyd[3480]: module=CheckSPF, action=add_header, 
>>> host=xxx.xxx.xxx.xxx, helo=fakehost, from=root@fakedomain, to=me@mydomain, 
>>> reason=spf_fail
>>>
>>> and message has Received-SPF: header with full details.
>>>
>>> Am I doing something wrong, or this is a bug? I have noticed this behaviour 
>>> in cbpolicyd 2.0.10 - the one shipped with Zimbra 7 - but today I have 
>>> installed the newest version from git and I have exactly the same results.
>>>
>>> Thanks in advance for explaining what should I do to get greylisting 
>>> working and SPF tagging all messages.
>>>
>> Regards
>> Nigel
>>
>>
>>
>> _______________________________________________
>> Users mailing list
>> [email protected]
>> http://lists.policyd.org/mailman/listinfo/users
>
> In cbp/protocols/postfix.pm , try change the code along line 132 to
> look like this (backup the file first) ...
>
> --
>     # Check protocol responses...
>     if ($resp == PROTO_PASS) {
>         if (!defined($resp) || (defined($resp) && $resp !=
> PROTO_PREPEND)) {
>             $response = "DUNNO";
>             $response_data = $data;
>             return CBP_CONTINUE;
>         }
>
>     } elsif ($resp == PROTO_OK) {
> --
>
>
> Let me know if it works.
>

Sorry, typo ....


--
    # Check protocol responses...
    if ($resp == PROTO_PASS) {
        if (!defined($resp) || (defined($resp) && $resp != PROTO_PREPEND)) {
            $response = "DUNNO";
            $response_data = $data;
        }
        return CBP_CONTINUE;

    } elsif ($resp == PROTO_OK) {
--


Regards
-N

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Users mailing list
[email protected]
http://lists.policyd.org/mailman/listinfo/users

Reply via email to