NAME

Mail::MtPolicyd::Plugin::SPF - mtpolicyd plugin to apply SPF checks

VERSION

version 2.05

DESCRIPTION

This plugin applies Sender Policy Framework(SPF) checks.

Checks are implemented using the Mail::SPF perl module.

Actions based on the SPF result can be applied for:

pass (pass_mode, default: passive)

softfail (softfail_mode, default: passive)

fail (fail_mode, default: reject)

temperror (temperror_mode, default: defer)

permerror (permerror_mode, default: reject)

For status 'neutral' no action or score is applied.

PARAMETERS

(uc_)enabled (default: on)

Enable/disable the plugin.

(uc_)pass_mode (default: passive)

How to behave if the SPF checks passed successfully:

passive

Just apply score. Do not return an action.

accept, dunno

Will return an 'dunno' action.

pass_score (default: empty)

Score to apply when the sender has been successfully checked against SPF.

(uc_)softfail_mode (default: passive)

How to behave if the SPF checks returned a softfail status.

passive

Just apply score. Do not return an action.

accept, dunno

Will return an 'dunno' action.

reject

Return an reject action.

softfail_score (default: empty)

Score to apply when the SPF check returns an softfail status.

(uc_)fail_mode (default: reject)

reject

Return an reject action.

passive

Just apply score and do not return an action.

temperror_mode (default: defer)

Action to apply on a temperror SPF result.

Possible values: passive, dunno, defer, reject

temperror_score (default: empty)

Score to apply on a temperror SPF result.

By default no score is applied.

permerror_mode (default: reject)

Action to apply on a permerror SPF result.

Possible values: passive, dunno, defer, reject

permerror_score (default: empty)

Score to apply on a permerror SPF result.

By default no score is applied.

reject_message (default: )

If fail_mode is set to 'reject' this message is used in the reject.

The following pattern will be replaced in the string:

%LOCAL_EXPL%

Will be replaced with a (local) explanation of the check result.

%AUTH_EXPL%

Will be replaced with a URL to the explanation of the result.

This URL could be configured with 'default_authority_explanation'.

fail_score (default: empty)

Score to apply if the sender failed the SPF checks.

default_authority_explanation (default: See http://www.%{d}/why/id=%{S};ip=%{I};r=%{R})

String to return as an URL pointing to an explanation of the SPF check result.

See Mail::SPF::Server for details.

hostname (default: empty)

An hostname to show in the default_authority_explanation as generating server.

whitelist (default: '')

A comma separated list of IP addresses to skip.

check_helo (default: "on")

Set to 'off' to disable SPF check on helo.

max_dns_interactive_terms (default: 10)

Maximum number of terms using DNS lookup in a SPF record to evaluate.

Exceeding this limit will cause a permanent error as specified by RFC7208.

The default of 10 is also specified in by RFC7208.

max_name_lookups_per_term (default: 10)

Maximum number of DNS lookups per SPF term.

max_void_dns_lookups (default: 2)

Maximum number of void DNS lookups.

EXAMPLE

  <Plugin spf>
    module = "SPF"
    pass_mode = passive
    pass_score = -10
    fail_mode = reject
    #fail_score = 10
  </Plugin>

SEE ALSO

Mail::SPF, OpenSPF "" in www.openspf.org, RFC 7208 https://tools.ietf.org/html/rfc7208

AUTHOR

Markus Benning <ich@markusbenning.de>

COPYRIGHT AND LICENSE

This software is Copyright (c) 2014 by Markus Benning <ich@markusbenning.de>.

This is free software, licensed under:

  The GNU General Public License, Version 2, June 1991