Dns Error While Looking Up Spf.trusted-forwarder.org
Post #1 of 13 (4417 views) Permalink ignore errors during trusted-forwarder lookup? On Mon, Jul 26, 2004 at 11:56:02AM +0000, Patrick Mackinlay wrote: | Hello, | | I am writing to you regarding your SPF perl module. I am using this module | in conjunction with postfix and it works fine. However there is a | problem with the trusted forwarders functionality. Some of the trusted rules | require a reverse DNS lookup on the clients IP address. As I am sure you know | many people do not publish PTR records for their hosts, this results in | the SPF lookup failing with a DNS error, resulting in the email being | deferred (450 temporary DNS error ....). Since the error is not really | temporary (i.e. the PTR record is not likely to appear!) then the email | is deferred until the peer decides to give up. Perhaps it would be wiser | for PTR DNS errors, whilst evaluating trusted forwarder rules, resulting in a | neutral SPF result. As it stands I have to turn of the trusted forwarder | functionality, since it ultimately means rejecting all email from hosts | without PTR records. | | regards, | Patrick | | -- | Patrick Mackinlay patrick [at] spacesurfer | http://patrick.spacesurfer.com/ tel: +44.7050699851 | Yahoo messenger: patrick00_uk fax: +44.7050699852 | SpaceSurfer Limited http://www.spacereg.com/ | ------- To unsubscribe, change your address, or temporarily deactivate your subscription, please go to http://v2.listbox.com/member/?listname=spf-devel [at] v2 wayne at midwestcs Jul26,2004,10:33PM Post #2 of 13 (4352 views) Permalink Re: ignore errors during trusted-forwarder lookup? [In reply to] In <20040726132938.GW16052 [at] dumbo> Meng Weng Wong <mengwong [at] dumbo> writes: > On Mon, Jul 26, 2004 at 11:56:02AM +0000, Patrick Mackinlay wrote: > | I am writing to you regarding your SPF perl module. I am using this module > | in conjunction with postfix and it works fine. However there is a > | problem with the trusted forwarders functionality. Some of the trusted rules > | require a reverse DNS lookup on the clients IP address. As I am
Annotate this POD Related Modules Compress::Zlib Archive::Zip Math::BigInt Digest::SHA HTML::Parser DBIx::Simple Parse::RecDescent Module::Install Module::Build more... By perlmonks.org CPAN RT New http://search.cpan.org/perldoc/Mail::SPF::Query 1 Open 1 Stalled 3 View/Report Bugs Module Version: 1.999.1 Source NAME VERSION SYNOPSIS ABSTRACT DESCRIPTION BUGS NON-STANDARD FEATURES METHODS Mail::SPF::Query->new() $query->result() $query->result2() $query->message_result2() $query->best_guess() $query->trusted_forwarder() $query->sanitize('string') strict_sanitize('string') $query->debuglog() WARNINGS AUTHORS SEE ALSO NAME Mail::SPF::Query - query Sender Policy Framework for an IP,email,helo VERSION 1.999.1 SYNOPSIS dns error my $query = new Mail::SPF::Query (ip => "127.0.0.1", sender=>'foo@example.com', helo=>"somehost.example.com", trusted=>0, guess=>0); my ($result, # pass | fail | softfail | neutral | none | error | unknown [mechanism] $smtp_comment, # "please see http://www.openspf.org/why.html?..." when rejecting, return this string to the SMTP client $header_comment, # prepend_header("Received-SPF" => "$result ($header_comment)") dns error while $spf_record, # "v=spf1 ..." original SPF record for the domain ) = $query->result(); if ($result eq "pass") { "Domain is not forged. Apply RHSBL and content filters." } elsif ($result eq "fail") { "Domain is forged. Reject or save to spambox." } ABSTRACT The SPF protocol relies on sender domains to describe their designated outbound mailers in DNS. Given an email address, Mail::SPF::Query determines the legitimacy of an SMTP client IP address. DESCRIPTION There are two ways to use Mail::SPF::Query. Your choice depends on whether the domains your server is an MX for have secondary MXes which your server doesn't know about. The first and more common style, calling ->result(), is suitable when all mail is received directly from the originator's MTA. If the domains you receive do not have secondary MX entries, this is appropriate. This style of use is outlined i