From david at porkrind.org Tue Dec 4 17:34:21 2012 From: david at porkrind.org (David Caldwell) Date: Tue, 4 Dec 2012 14:34:21 -0800 Subject: [Pymilter] [PATCH] spfmilter.py - Don't check SPF on authenticated senders Message-ID: <20121204223421.GA16074@porkrind.org> Hi, I'm trying to use spfmilter.py to check SPF on a Sendmail server that sends and receives mail. spfmilter.py is checking SPF on users that are trying to send mail (whether posted to the submission port or the smtp port). If the user has logged in with a user and password then they are trusted and I don't think SPF should be checked. The following patch implements this. It has only been tested with Sendmail but is working for me. -David -------------- next part -------------- A non-text attachment was scrubbed... Name: authenticated-sender.patch Type: text/x-diff Size: 1009 bytes Desc: not available URL: From stuart at bmsi.com Wed Dec 5 17:21:36 2012 From: stuart at bmsi.com (Stuart D Gathman) Date: Wed, 5 Dec 2012 17:21:36 -0500 (EST) Subject: [Pymilter] [PATCH] spfmilter.py - Don't check SPF on authenticated senders In-Reply-To: <20121204223421.GA16074@porkrind.org> References: <20121204223421.GA16074@porkrind.org> Message-ID: On Dec 4, David Caldwell transmitted in part: > I'm trying to use spfmilter.py to check SPF on a Sendmail server that > sends and receives mail. spfmilter.py is checking SPF on users that are > trying to send mail (whether posted to the submission port or the smtp > port). If the user has logged in with a user and password then they are > trusted and I don't think SPF should be checked. > > The following patch implements this. It has only been tested with Sendmail > but is working for me. You'll find that milter-0.8.17 has that, and also a way to configure cross user forgery prevention. Each SMTP AUTH user name can be restricted in what domains it is allowed to use. From david at porkrind.org Wed Dec 5 18:13:34 2012 From: david at porkrind.org (David Caldwell) Date: Wed, 05 Dec 2012 15:13:34 -0800 Subject: [Pymilter] [PATCH] spfmilter.py - Don't check SPF on authenticated senders In-Reply-To: References: <20121204223421.GA16074@porkrind.org> Message-ID: <50BFD51E.6080805@porkrind.org> On 12/5/12 2:21 PM, Stuart D Gathman wrote: > On Dec 4, David Caldwell transmitted in part: > >> I'm trying to use spfmilter.py to check SPF on a Sendmail server that >> sends and receives mail. spfmilter.py is checking SPF on users that are >> trying to send mail (whether posted to the submission port or the smtp >> port). If the user has logged in with a user and password then they are >> trusted and I don't think SPF should be checked. > > You'll find that milter-0.8.17 has that, and also a way to configure > cross user forgery prevention. Each SMTP AUTH user name can be > restricted in > what domains it is allowed to use. Oh, thanks, my mistake! I grabbed the sources from Debian and didn't think to check that they weren't the latest version (they are at 0.8.13). -David -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4459 bytes Desc: S/MIME Cryptographic Signature URL: From tom at whyscream.net Sun Dec 23 13:11:50 2012 From: tom at whyscream.net (Tom Hendrikx) Date: Sun, 23 Dec 2012 19:11:50 +0100 Subject: [Pymilter] custom reply text after quarantine? Message-ID: <50D74966.9000708@whyscream.net> Hi, based on this [1] message, I wanted to try reporting something like this too: self.quarantine('Message is {} according to milter'.format(result)) self.setreply('250', '5.7.1', 'Message is quarantined') return Milter.ACCEPT This triggers a traceback ending in: File "/usr/lib/python2.7/dist-packages/Milter/__init__.py", line 374, in setreply return self._ctx.setreply(rcode,xcode,msg,*ml) milter.error: cannot set reply Is there any way to accomplished the above? [1] http://www.dmarc.org/pipermail/dmarc-discuss/2012-December/001552.html -- Kind regards and happy holidays, Tom