From stuart at bmsi.com  Fri Sep 16 21:25:24 2005
From: stuart at bmsi.com (Stuart D. Gathman)
Date: Fri, 16 Sep 2005 21:25:24 -0400 (EDT)
Subject: [Pymilter] New SPF policy configuration idea
Message-ID: <Pine.LNX.4.44.0509162120240.29729-100000@bmsred.bmsi.com>

Any comments on this scheme for SPF policy configuration?

The sendmail access file, or another readonly database with that
format, can be used for detail spf policy.  SPF access policy
record are tagged with "SPF-{Result}:".  Results are
Pass, Neutral, Softfail, Fail, TempError, PermError.  Currently supported
policy keywords are OK, CBV, REJECT, TEMPFAIL, ERROR:"550 description".

The default policies are as follows:

SPF-Fail:       REJECT
SPF-Softfail:   CBV
SPF-Neutral:    OK
SPF-PermError:  REJECT
SPF-TempError:  TEMPFAIL
SPF-Pass:       OK

The tag may be followed by a specific domain.  For instance, to
require a Pass from aol.com:

SPF-Neutral:aol.com     ERROR:"550 AOL mail must get SPF PASS"
SPF-Softfail:aol.com    ERROR:"550 AOL mail must get SPF PASS"

-- 
	      Stuart D. Gathman <stuart at bmsi.com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.