Re: what happened to smtpd-filters.7 ?
filters are implemented in lka_filter.c. According to cvs log filter.c is removed in 2017 and was probably part of the first filter attempt. smtpd-filters.7 has never been hooked up to the build. Probably because it needs a little more scrutiny. But most in there can be used. martijn@ On Fri, 2021-03-19 at 07:56 +0100, Harald Dunkel wrote: > Hi folks, > > looking at github there is a file "smtpd-filters.7" and "filter.c" > in smtpd, but apparently they are not used at build or install time. > configure.ac doesn't mention them, either, so I wonder whats the > story here? Have they been forgotten? Obsolete code? > > > Regards > Harri >
Re: what happened to smtpd-filters.7 ?
Hi Martin, thank you very much for your response. I stumbled over this lost man page looking for additional information about the filters mentioned on https://man.openbsd.org/smtpd.conf. Apparently there are a few more unused source files in the git repository. They are very hard to detect without running make. Regards Harri
smtpctl spf walk chokes on macros - is it possible to work around this?
Watching indly while I run the script that refreshes my nospamd data[1] I see
several occurences of messages like
processing verticalresponse.com
smtpctl: lookup_record: %{i}._spf.mta.salesforce.com contains macros and can't
be resolved
digging through the dig $domain txt output turns up the salesforce.com record is
_spf.salesforce.com.3512IN TXT "v=spf1
exists:%{i}._spf.mta.salesforce.com -all"
is there a way to shoehorn this into something useful in our context?
All the best,
Peter
[1] Described in
https://bsdly.blogspot.com/2018/11/goodness-enumerated-by-robots-or.html
--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: smtpctl spf walk chokes on macros - is it possible to work around this?
On Fri, 2021-03-19 at 11:46 +0100, Peter N. M. Hansteen wrote:
> Watching indly while I run the script that refreshes my nospamd data[1] I see
> several occurences of messages like
>
>
> processing verticalresponse.com
> smtpctl: lookup_record: %{i}._spf.mta.salesforce.com contains macros and
> can't be resolved
>
> digging through the dig $domain txt output turns up the salesforce.com record
> is
>
> _spf.salesforce.com.3512IN TXT "v=spf1
> exists:%{i}._spf.mta.salesforce.com -all"
>
> is there a way to shoehorn this into something useful in our context?
I don't see how this can be done in a sane way, since the content of
the macro's isn't know at the time of resolving via spf walk.
In this particular case we would have to walk over every single ipv4
and ipv6 ip-address in existence and paste it before
_spf.mta.salesforce.com in order to know which hosts are allowed to
mail from spf.salesforce.com. Not something that's very likely.
*Maybe* there could be some option where we could add something like
`smtpctl spf walk -i 127.0.0.1 verticalresponse.com`, but I guess
that would not be a useful option for you, since you want to know
which hosts are allowed to begin with.
martijn@
>
> All the best,
> Peter
>
> [1] Described in
> https://bsdly.blogspot.com/2018/11/goodness-enumerated-by-robots-or.html
>
