pypolicyd-spf

Return value of pypolicyd-spf in postfix smtpd_recipient_restrictions

Asked by Petr Polesny

Hi, I plan to use pypolicyd-spf in postfix "smtpd_whatever_restrictions" like this:

smtpd_whatever_restrictions =
        permit_mynetworks
        ...
        check_policy_service unix:private/policyd-spf
        check_policy_service unix:postgrey/socket

to ensure that email with both "HELO_reject" and "Mail_From_reject" evaluated as PASS will not go through postgrey filtering.
Will it work this way with following settings of pass restriction parameters? Or what should be right settings?

HELO_pass_restriction =
mail_from_pass_restriction =

Thanks

Question information

Language:
English Edit question
Status:
Expired
For:
pypolicyd-spf Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Petr Polesny (petrpolesny) said : 		#1

I forgot to mention:
Centos7 + epel version pypolicyd-spf-1.3.2-1.el7.noarch

Thanks

Revision history for this message
Scott Kitterman (kitterman) said : 		#2

Only Mail From PASS RESTRICTION is implemented, there is no HELO equivalent. There is an example in the man page policyd-spf.conf.5. Did you check that?

Revision history for this message
Petr Polesny (petrpolesny) said : 		#3

Sure. But It's unclear to me. I'm no developer. I have no idea how is result passed to postfix and so (Like what is sent to postfix for SoftFail if HELO_reject = Fail?) I just need to know how can I bypass greylisting for certain cases. Thanks.

man 5 policyd-spf.conf
++++++++++++++++++
HELO/EHLO PASS RESTRICTION
       HELO Pass Restriction allows integration with other Postfix access controls by provding a user supplied name of a postfix access restriction to be applied to a message
       when the HELO checking result is Pass. The indicated restriction must be an action as defined for a Postfix SMTP server access table access(5) and explained in the
       Postfix RESTRICTION CLASS README. The README.per_user_whitelisting file provided with this distribution provides examples. Note: A helo pass restriction will be the
       returned result even if the mail from result would cause the message to be rejected.

       Example:
       HELO_pass_restriction = helo_passed_spf
       Default:
       None
++++++++++++++++++
Mail From PASS RESTRICTION
       Mail From Pass Restriction allows integration with other Postfix access contlols by provding a user supplied name of a postfix access restriction to be applied to a
       message when the HELO checking result is Pass. The indicated restriction must be an action as defined for a Postfix SMTP server access table access(5) and explained in
       the Postfix RESTRICTION CLASS README. Note: A mail from pass restriction will be the returned result even if the helo result would cause the message to be rejected.

       Example:
       mail_from_pass_restriction = mfrom_passed_spf
       Default:
       None
++++++++++++++++++

Revision history for this message
Launchpad Janitor (janitor) said : 		#4

This question was expired because it remained in the 'Open' state without activity for the last 15 days.

Revision history for this message
Scott Kitterman (kitterman) said : 		#5

Still need to find time to answer this.

Revision history for this message
Launchpad Janitor (janitor) said : 		#6

This question was expired because it remained in the 'Open' state without activity for the last 15 days.