other versions
- wheezy 1.0-2
- wheezy-backports 1.3.1-1~bpo70+1
- jessie 1.3.1-1
- testing 2.0.1-1
- unstable 2.0.1-1
policy-spf(1) | General Commands Manual | policy-spf(1) |
NAME¶
python-policyd-spf - pure-Python Postfix policy daemon for SPF checkingVERSION¶
1.3USAGE¶
NOTE: Depending on the packaging and distribution, the exact path to the executable may vary.(Config file name to use)
OTHER DOCUMENTATION¶
This documentation assumes you have read Postfix's README_FILES/ SMTPD_POLICY_README and are generally familiar with Sender Policy Framework (SPF). See RFC 7208 for details.SYNOPSIS¶
python-policyd-spf is a Postfix SMTPd policy daemon for SPF checking. It is implemented in pure Python and uses the pyspf module. The SPF web site is http://www.openspf.org/. The Postfix configuration must be changed to check SPF.DESCRIPTION¶
Logging is sent to syslogd.LOGGING¶
Policyd-spf will log messages to syslog about it's activities. The "debugLevel" value in "policyd-spf.conf" can be increased to get additional information to be logged. When set to a value of "0", only test results (SPF hits/misses) are logged. Results will be returned to Postfix and logged as a warning by Postfix also. For logging by this policy server, look for "policyd-spf" in your mail log files.TESTING THE POLICY DAEMON¶
Testing the policy daemonpolicyd-spf
request=smtpd_access_policy
protocol_state=RCPT
protocol_name=SMTP
helo_name=some.domain.tld
queue_id=8045F2AB23
instance=12345.6789
sender=foo@bar.tld
recipient=bar@foo.tld
client_address=1.2.3.4
client_name=another.domain.tld
[empty line]
action=dunno
[empty line]
POSTFIX INTEGRATION¶
1. Add the following to /etc/postfix/master.cf:
policyd-spf unix - n n - 0 spawn
user=policyd-spf argv=/usr/bin/policyd-spf
NOTE: Check the path to both the installed Python interpreter and
policyd-spf. These vary from system to system. To use non-default
settings, you must also add the config file (see above and
policyd-spf.conf(5) for details).
2. Configure the Postfix policy service in /etc/postfix/main.cf:
smtpd_recipient_restrictions =
...
reject_unauth_destination
check_policy_service unix:private/policyd-spf
...
policyd-spf_time_limit = 3600
NOTE: Specify check_policy_service AFTER reject_unauth_destination or
else your system can become an open relay.
3. Reload Postfix.
SEE ALSO¶
policyd-spf.conf(5), policyd-spf.peruser(5), python-spf, <http://www.openspf.org>, RFC 7208AUTHORS¶
This version of python-policyd-spf was written by Copyright © 2007-2012 Scott Kitterman <scott@kitterman.com>. It is derived from Tumgreyspf, written by Sean Reifschneider, tummy.com, ltd <jafo@tummy.com>. Portions of the documentation were written by Meng Weng Wong <mengwong@pobox.com>. This man-page was created by Scott Kitterman <scott@kitterman.com>.2012-03-17 |