Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

SPF on Postfix

0 views
Skip to first unread message

Kev

unread,
Mar 15, 2005, 9:58:25 AM3/15/05
to
Hi,

can any one help me to find a good document to install SPF checking on a postfix
on fedora 1 box ?

thanks
Kev

Magnus Bäck

unread,
Mar 15, 2005, 10:03:01 PM3/15/05
to
On Tue, March 15, 2005 5:01 pm, Kev said:

[...]

> policy unix - n n - - spawn user=3Dn=
obody
> argv=3D/usr/bin/perl /usr/libexec/postfix/smtpd-policy.pl

I hope this is either on one line or that the second line is actually
indented in your master.cf.

> try to send a test mail,
> OK, connected to babyfish.orbitnet.org...
> < 220 server.domain.com
>> HELO edit.dnsvr.com
> < 250 server.domain.com
>> MAIL FROM:<kal...@kalinga.com>
> < 250 Ok
>> RCPT TO:<ad...@domain.com>
> < 450 Server configuration problem
>
> can any one tell me what seem to be the prb ?

Read your logs!

Stop top-posting.

--=20
Magnus B=E4ck
mag...@dsek.lth.se

Robin Lynn Frank

unread,
Mar 15, 2005, 10:00:18 PM3/15/05
to

--=-xDw+eyfDLnOBiAnRJvmj
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Tue, 2005-03-15 at 06:58, Kev wrote:
> Hi,
>=20
> can any one help me to find a good document to install SPF checking on a =


postfix
> on fedora 1 box ?


Postfix source tarballs contain an spf script and instructions how to
use it. I have no way of knowing if it is included in the fedora
package. If not, you can find it and instructions for its use at
spf.listbox.com. One caveat, the script at the spf site has several
lines before #!/usr/bin/perl which you may need to remove before it will
work.
--=20
Robin Lynn Frank - Director of Operations - Paradigm-Omega, LLC
Website: http://www.paradigm-omega.com/
RSS: http://paradigm-omega.blogspot.com/atom.xml
Spamtraps: http://www.paradigm-omega.net/cgi-bin/custmail.cgi
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Usenet provides proof there is no intelligent life.

--=-xDw+eyfDLnOBiAnRJvmj
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Sed quis custodiet ipsos custodes?

iD8DBQBCNvp2o0pgX8xyW4YRAkPsAKCb8nBJKenj3qHYoOBXXYpvkPq0UQCglWum
GQy3GnAHcusfNX7fhd4r6SE=
=zw/3
-----END PGP SIGNATURE-----

--=-xDw+eyfDLnOBiAnRJvmj--

Kev

unread,
Mar 15, 2005, 9:52:41 PM3/15/05
to
here;s what i did

got the spf pl form
http://spf.pobox.com/postfix-policyd.txt

removed the lines
<%attr>
autohandler_skip => 1
</%attr>

copyed the files to
/usr/libexec/postfix/smtpd-policy.pl

edit the main.cf
smtpd_recipient_restrictions = reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient,reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination,check_policy_service unix:private/policy


edit the master.cf
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
# MAIN SMTP
policy unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/libexec/postfix/smtpd-policy.pl

try to send a test mail,
OK, connected to babyfish.orbitnet.org...
< 220 server.domain.com
> HELO edit.dnsvr.com
< 250 server.domain.com
> MAIL FROM:<kal...@kalinga.com>
< 250 Ok
> RCPT TO:<ad...@domain.com>
< 450 Server configuration problem


can any one tell me what seem to be the prb ?

On Tue, 15 Mar 2005 21:39:10 +0600
Kev <savage...@hanikamail.com> wrote:

> Hi,
>
> if its not to much to ask, can you send me the pl file that works ?
> the one i have give me a 450 server configure error
>
> thanks
> Kev


>
> On Tue, 15 Mar 2005 07:08:40 -0800
> Robin Lynn Frank <rlf...@paradigm-omega.com> wrote:
>
> > On Tue, 2005-03-15 at 06:58, Kev wrote:
> > > Hi,
> > >

> > > can any one help me to find a good document to install SPF checking on a postfix


> > > on fedora 1 box ?
> >
> >
> > Postfix source tarballs contain an spf script and instructions how to
> > use it. I have no way of knowing if it is included in the fedora
> > package. If not, you can find it and instructions for its use at
> > spf.listbox.com. One caveat, the script at the spf site has several
> > lines before #!/usr/bin/perl which you may need to remove before it will
> > work.
> > --

> > Robin Lynn Frank - Director of Operations - Paradigm-Omega, LLC
> > Website: http://www.paradigm-omega.com/
> > RSS: http://paradigm-omega.blogspot.com/atom.xml
> > Spamtraps: http://www.paradigm-omega.net/cgi-bin/custmail.cgi

> > =====================================================================

Kev

unread,
Mar 15, 2005, 9:57:36 PM3/15/05
to

Robin Lynn Frank

unread,
Mar 15, 2005, 9:49:12 PM3/15/05
to

--=-A85givuNIW0M0IYiizES
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Tue, 2005-03-15 at 08:01, Kev wrote:
> here;s what i did=20
>=20
> got the spf pl form=20
> http://spf.pobox.com/postfix-policyd.txt
>=20
> removed the lines=20
> <%attr>
> autohandler_skip =3D> 1
> </%attr>
>=20
> copyed the files to=20
> /usr/libexec/postfix/smtpd-policy.pl
>=20
> edit the main.cf
> smtpd_recipient_restrictions =3D reject_invalid_hostname, reject_non_fqdn=
_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient,reject_unknown=
_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, =
reject_unauth_destination,check_policy_service unix:private/policy
>=20
>=20
> edit the master.cf
> # =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D


> # service type private unpriv chroot wakeup maxproc command + args
> # (yes) (yes) (yes) (never) (100)

> # =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D
> # MAIN SMTP
> policy unix - n n - - spawn user=3Dnob=
ody argv=3D/usr/bin/perl /usr/libexec/postfix/smtpd-policy.pl
>=20
>=20
>=20


> try to send a test mail,
> OK, connected to babyfish.orbitnet.org...
> < 220 server.domain.com
> > HELO edit.dnsvr.com
> < 250 server.domain.com
> > MAIL FROM:<kal...@kalinga.com>
> < 250 Ok
> > RCPT TO:<ad...@domain.com>
> < 450 Server configuration problem

>=20
>=20


> can any one tell me what seem to be the prb ?

>=20
>=20
>=20
>=20
Did you make your policyd script executable?
Postfix logs warnings and errors. so if your OS is set up to split those
logs apart, what do they say?
--=20


Robin Lynn Frank - Director of Operations - Paradigm-Omega, LLC
Website: http://www.paradigm-omega.com/
RSS: http://paradigm-omega.blogspot.com/atom.xml
Spamtraps: http://www.paradigm-omega.net/cgi-bin/custmail.cgi

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Reasons your mail was rejected:
550 email contains content

--=-A85givuNIW0M0IYiizES


Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Sed quis custodiet ipsos custodes?

iD8DBQBCNwqBo0pgX8xyW4YRAq66AJ0cbz64E1hhzBRjc5+ggWlbkh7lJgCgpz8G
78VAvhPiLINrI6xBeS6pH8I=
=57Z9
-----END PGP SIGNATURE-----

--=-A85givuNIW0M0IYiizES--

0 new messages