Bug#290464: SPF setup
Robert Millan
rmh at aybabtu.com
Thu Jun 22 18:31:50 UTC 2006
FWIW, here's a short recipe to setup SPF on debian exim packages (much
easier than setting up spfd imho):
apt-get install libmail-spf-query-perl
Reconfigure exim4-config with "split small files" option.
Add this blurb to 30_exim4-config_check_rcpt, right after "acl_check_rcpt:"
# Use "spfquery" to obtain SPF status for this particular sender/host.
# If the return code of that command is 1, this is an unauthorized sender.
#
deny
message = [SPF] $sender_host_address is not allowed to send mail from $sender_address_domain. \
Please see http://www.openspf.org/why.html?sender=$sender_address&ip=$sender_host_address
log_message = SPF check failed.
set acl_m9 = -ip=$sender_host_address \
-sender=$sender_address \
-helo=\"$sender_helo_name\"
set acl_m9 = ${run{/usr/bin/spfquery $acl_m9}}
condition = ${if eq {$runrc}{1}{true}{false}}
NOTE: If you use sarge, you might need to move the relay/auth "accept" ACLs
up from the bottom of this file, to avoid performing SPF checks on your own
mail agents.
--
Robert Millan
More information about the Pkg-exim4-maintainers
mailing list