"Fossies" - the Fresh Open Source Software Archive

Member "Mail-SPF-Query-1.999.1/examples/exim-acl" (31 Dec 2005, 2410 Bytes) of package /linux/privat/old/Mail-SPF-Query-1.999.1.tar.gz:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 # SPF Auth test for Exim 4.xx
    2 # Version 2.09 by david @ ols . es
    3 #
    4 # Features:
    5 #
    6 #    Full SPF support via spfd socket
    7 #
    8 # Warning:
    9 #
   10 #    Will use acl_m9, acl_m8, acl_m7
   11 #
   12 # Requires
   13 #
   14 #    Mail::SPF::Query ver 1.9.1
   15 #
   16 # Usage instructions:
   17 #
   18 # 1. copy this file to your /usr/local/exim
   19 #
   20 # 2. add this line to your exim configuration file after your
   21 #    begin acl:
   22 #
   23 #    .include /usr/local/exim/spf.acl
   24 #
   25 # 3. Grab a copy of Mail::SPF::Query from
   26 #    http://www.openspf.org/downloads.html and install it
   27 #
   28 # 4. Run spfd -path=/tmp/spfd as the same user as Exim runs
   29 #
   30 # 5. Now you can use the test on your RCPT/MAIL ACL this way:
   31 #
   32 #    deny    !acl        = spf_rcpt_acl
   33 #
   34 #    And on your DATA ACL:
   35 #
   36 #    deny    senders     = :
   37 #            !acl        = spf_from_acl
   38 #
   39 #    now acl_m8 will hold 'pass','fail', 'unknown', ...
   40 #    so you can take other decisions based on the result
   41 #    like being more strict on some circumstances:
   42 #
   43 #    deny     senders     = :
   44 #             condition   = ${if eq {$acl_m8}{softfail}{yes}{no}}
   45 #             message     = Not authorized by SPF
   46 
   47 spf_rcpt_acl:
   48 
   49     # Check envelope sender
   50 
   51     warn     set acl_m8  = $sender_address
   52     deny     !acl        = spf_check
   53     warn     message     = Received-SPF: $acl_m8 ($acl_m7)
   54     accept
   55 
   56 spf_from_acl:
   57 
   58     # Check header From:
   59 
   60     warn     set acl_m8  = ${address:$h_from:}
   61     deny     !acl        = spf_check
   62     warn     message     = Received-SPF: $acl_m8 ($acl_m7)
   63     accept
   64 
   65 spf_check:
   66 
   67     warn     set acl_m9  = ${readsocket{/tmp/spfd}\
   68                            {ip=$sender_host_address\n\
   69                            helo=${if def:sender_helo_name\
   70                            {$sender_helo_name}{NOHELO}}\
   71                            \nsender=$acl_m8\n\n}{20s}{\n}{socket failure}} 
   72 
   73     # Defer on socket error
   74 
   75     defer    condition   = ${if eq{$acl_m9}{socket failure}{yes}{no}}
   76              message     = Cannot connect to spfd
   77 
   78     # Prepare answer and get results
   79 
   80     warn     set acl_m9  = ${sg{$acl_m9}{\N=(.*)\n\N}{=\"\$1\" }}
   81              set acl_m8  = ${extract{result}{$acl_m9}{$value}{unknown}}
   82              set acl_m7  = ${extract{header_comment}{$acl_m9}{$value}{}}
   83 
   84     # Check for fail
   85 
   86     deny     condition   = ${if eq{$acl_m8}{fail}{yes}{no}}
   87              message     = ${extract{smtp_comment}{$acl_m9}{$value}{}}
   88              log_message = Not authorized by SPF
   89 
   90     accept