Date: Fri, 23 May 2008 10:01:02 GMT From: Valeriano Manassero <valeriano@contechlab.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/123928: postfix-policyd-spf not working as expected Message-ID: <200805231001.m4NA12TG031799@www.freebsd.org> Resent-Message-ID: <200805231010.m4NAA1gB018465@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 123928
>Category: ports
>Synopsis: postfix-policyd-spf not working as expected
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri May 23 10:10:01 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Valeriano Manassero
>Release: 7.0-RELEASE
>Organization:
>Environment:
FreeBSD nemesis.manassero.biz 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sun Feb 24 19:59:52 UTC 2008 root@logan.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
>Description:
Hello.
I set the postfix-policyd-spf to work with postfix adding in master.cf
spf unix - n n - - spawn user=nobody argv=/usr/local/sbin/postfix-policyd-spf
and having in main,cf:
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_invalid_hostname,
reject_unauth_pipelining,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
check_policy_service unix:private/spf,
check_policy_service inet:127.0.0.1:10023,
reject_rbl_client zen.spamhaus.org,
permit
Then i remodified master.cf like this to obtain debug infos:
spf unix - n n - - spawn user=nobody argv=/usr/local/sbin/postfix-policyd-spf -d1
I obtained entries like this one in the log:
May 23 11:34:10 nemesis postfix/smtpd[14299]: connect from unknown[88.224.187.63]
May 23 11:34:12 nemesis postfix-policyd-spf: --> request=smtpd_access_policy
May 23 11:34:12 nemesis postfix-policyd-spf: --> protocol_state=RCPT
May 23 11:34:12 nemesis postfix-policyd-spf: --> protocol_name=ESMTP
May 23 11:34:12 nemesis postfix-policyd-spf: --> client_address=88.224.187.63
May 23 11:34:12 nemesis postfix-policyd-spf: [ip 88.224.187.63]
May 23 11:34:12 nemesis postfix-policyd-spf: --> client_name=unknown
May 23 11:34:12 nemesis postfix-policyd-spf: --> reverse_client_name=dsl88-244-47935.ttnet.net.tr
May 23 11:34:12 nemesis postfix-policyd-spf: --> helo_name=[88.224.187.63]
May 23 11:34:12 nemesis postfix-policyd-spf: [helo [88.224.187.63]]
May 23 11:34:12 nemesis postfix-policyd-spf: --> sender=etfujbgr@boyum-it.com
May 23 11:34:12 nemesis postfix-policyd-spf: [sender etfujbgr@boyum-it.com]
May 23 11:34:12 nemesis postfix-policyd-spf: --> recipient=postmaster@contechlab.com
May 23 11:34:12 nemesis postfix-policyd-spf: --> recipient_count=0
May 23 11:34:12 nemesis postfix-policyd-spf: --> queue_id=
May 23 11:34:12 nemesis postfix-policyd-spf: --> instance=37db.48368f94.8761e.0
May 23 11:34:12 nemesis postfix-policyd-spf: --> size=0
May 23 11:34:12 nemesis postfix-policyd-spf: --> etrn_domain=
May 23 11:34:12 nemesis postfix-policyd-spf: --> stress=
May 23 11:34:12 nemesis postfix-policyd-spf: --> sasl_method=
May 23 11:34:12 nemesis postfix-policyd-spf: --> sasl_username=
May 23 11:34:12 nemesis postfix-policyd-spf: --> sasl_sender=
May 23 11:34:12 nemesis postfix-policyd-spf: -->
As you can see the policid-spf seems to work correctly, but it send no response ("action=something") to postfix that correctly continue to process the request and accept the mail.
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200805231001.m4NA12TG031799>