File: 25_spf.cf

package info (click to toggle)
spamassassin 4.0.2-3
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 25,724 kB
  • sloc: perl: 89,143; ansic: 5,193; sh: 3,737; javascript: 339; sql: 295; makefile: 209; python: 49
file content (124 lines) | stat: -rw-r--r-- 4,397 bytes parent folder | download | duplicates (5) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
 
# SpamAssassin - SPF rules
#
# Please don't modify this file as your changes will be overwritten with
# the next update. Use @@LOCAL_RULES_DIR@@/local.cf instead.
# See 'perldoc Mail::SpamAssassin::Conf' for details.
#
# <@LICENSE>
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to you under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at:
# 
#     http://www.apache.org/licenses/LICENSE-2.0
# 
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# </@LICENSE>
#
###########################################################################

# Requires the Mail::SpamAssassin::Plugin::SPF plugin be loaded.

ifplugin Mail::SpamAssassin::Plugin::SPF

# SPF support:
#   "pass" is nice
#   "neutral" is somewhat bad
#   "fail" is bad
#   "softfail" is bad, but not as bad as "fail"
#   "permerror" is very bad, and means the domain doesn't have a valid spf record
# These are more trustworthy results than the SPF_HELO rules.

# some are "userconf" so that scores are set by hand?

header   SPF_PASS	eval:check_for_spf_pass()
describe SPF_PASS	SPF: sender matches SPF record
tflags   SPF_PASS	nice userconf net
reuse    SPF_PASS

header   SPF_NEUTRAL	eval:check_for_spf_neutral()
describe SPF_NEUTRAL	SPF: sender does not match SPF record (neutral)
tflags   SPF_NEUTRAL	net
reuse    SPF_NEUTRAL

header   SPF_FAIL	eval:check_for_spf_fail()
describe SPF_FAIL	SPF: sender does not match SPF record (fail)
tflags   SPF_FAIL	net
reuse    SPF_FAIL

header   SPF_SOFTFAIL	eval:check_for_spf_softfail()
describe SPF_SOFTFAIL	SPF: sender does not match SPF record (softfail)
tflags   SPF_SOFTFAIL	net
reuse    SPF_SOFTFAIL


# NOTE: SPF_HELO_PASS is not incredibly hard to fake, so shouldn't
# provide much in the way of points compared to SPF_PASS et al.
# However, a *failure* is still a very good spamsign.

header   SPF_HELO_PASS		eval:check_for_spf_helo_pass()
describe SPF_HELO_PASS		SPF: HELO matches SPF record
tflags   SPF_HELO_PASS		nice userconf net
reuse    SPF_HELO_PASS

header   SPF_HELO_NEUTRAL	eval:check_for_spf_helo_neutral()
describe SPF_HELO_NEUTRAL	SPF: HELO does not match SPF record (neutral)
tflags   SPF_HELO_NEUTRAL	net
reuse    SPF_HELO_NEUTRAL

header   SPF_HELO_FAIL		eval:check_for_spf_helo_fail()
describe SPF_HELO_FAIL		SPF: HELO does not match SPF record (fail)
tflags   SPF_HELO_FAIL		net
reuse    SPF_HELO_FAIL

header   SPF_HELO_SOFTFAIL	eval:check_for_spf_helo_softfail()
describe SPF_HELO_SOFTFAIL	SPF: HELO does not match SPF record (softfail)
tflags   SPF_HELO_SOFTFAIL	net
reuse    SPF_HELO_SOFTFAIL

# Implementing the Sender Check for No SPF REcord defaulting to disabled so Admins can override
header   SPF_NONE		eval:check_for_spf_none()
describe SPF_NONE		SPF: sender does not publish an SPF Record
tflags   SPF_NONE		net
reuse    SPF_NONE

header   SPF_HELO_NONE		eval:check_for_spf_helo_none()
describe SPF_HELO_NONE		SPF: HELO does not publish an SPF Record
tflags   SPF_HELO_NONE		net
reuse    SPF_HELO_NONE



if can(Mail::SpamAssassin::Plugin::SPF::has_check_for_spf_errors)

header   T_SPF_PERMERROR	eval:check_for_spf_permerror()
describe T_SPF_PERMERROR	SPF: test of record failed (permerror)
tflags   T_SPF_PERMERROR	net
reuse    T_SPF_PERMERROR

header   T_SPF_TEMPERROR	eval:check_for_spf_temperror()
describe T_SPF_TEMPERROR	SPF: test of record failed (temperror)
tflags   T_SPF_TEMPERROR	net
reuse    T_SPF_TEMPERROR

header   T_SPF_HELO_PERMERROR	eval:check_for_spf_helo_permerror()
describe T_SPF_HELO_PERMERROR	SPF: test of HELO record failed (permerror)
tflags   T_SPF_HELO_PERMERROR	net
reuse    T_SPF_HELO_PERMERROR

header   T_SPF_HELO_TEMPERROR	eval:check_for_spf_helo_temperror()
describe T_SPF_HELO_TEMPERROR	SPF: test of HELO record failed (temperror)
tflags   T_SPF_HELO_TEMPERROR	net
reuse    T_SPF_HELO_TEMPERROR

endif



endif   # Mail::SpamAssassin::Plugin::SPF