Koozali.org: home of the SME Server

Legacy Forums => Suggestions => Topic started by: patrickthickey on March 31, 2004, 09:31:06 PM

Title: new 'SPF" email validation efforts
Post by: patrickthickey on March 31, 2004, 09:31:06 PM

The new Sender Policy Framework is starting to catch some buzz. It is an apparently useful tool to prevent forging of your domain and then using it to SPAM, etc.

http://spf.pobox.com

I'm asking out loud if any of the contribs email gurus have looked at this a possible addition to the server?

regards,

patrick

Title: Tremendous Idea!
Post by: bruce on April 12, 2004, 06:32:45 PM

As the bad guys (and girls) :-x get worse, SPF is becoming a necessity. The days of kicking back and enjoying a beer/pint :pint: while the server took care of itself are no longer an option. I would consider this to now be a basic feature, no longer an option.

Title: yes
Post by: pbearne on April 23, 2004, 05:21:29 PM

this looks as if it is posable and that we should do :idea:

Title: new 'SPF" email validation efforts
Post by: meneer on August 15, 2004, 08:18:03 AM

There are two reasons for using spf: blocking faked sender id's and registering your own sender id for others to use in their setups.

It seems that spamassassin can handle spf lookups, I don't know if the sme server version can be configured that way.

spf.pobox.com offers a wizard to help you create the rules to implement spf. The result of running the wizard is a rule for inclusion in the tinydns config.
Where do I go from there? Do I have to edit any tinydns config (and if so... how)? Is spamassassin the way to go?
Has anyone gone beyond configuring dns on sme server by registering at spf?

Title: new 'SPF" email validation efforts
Post by: Teviot on December 15, 2006, 03:39:55 AM

Quote

patrickthickey

 Posted: 01 Apr 2004 05:31    Post subject: new 'SPF" email validation efforts  

--------------------------------------------------------------------------------
 
The new Sender Policy Framework is starting to catch some buzz. It is an apparently useful tool to prevent forging of your domain and then using it to SPAM, etc.

http://spf.pobox.com

I'm asking out loud if any of the contribs email gurus have looked at this a possible addition to the server?

regards,

patrick
 

Have there been any developments????

Title: new 'SPF" email validation efforts
Post by: william_syd on December 15, 2006, 04:52:57 AM

You would have seen the other post explaining that SPF is done via your domain register for sending.

http://forums.contribs.org/index.php?topic=34664.msg149938#msg149938

For receiving you enable it similar to how greylisting is enabled. There is a post on that. http://forums.contribs.org/index.php?topic=34664.msg149938#msg149938

Code: [Select]

mkdir -p /usr/bin/config
chown qpsmtpd:qpsmtpd /usr/bin/config
mkdir -p /etc/e-smith/templates-custom/var/service/qpsmtpd/config/plugins/
echo sender_permitted_from spf_deny 1 > /etc/e-smith/templates-custom/var/service/qpsmtpd/config/plugins/09spf

/sbin/e-smith/expand-template /var/service/qpsmtpd/config/plugins

Have a read of /usr/share/qpsmtpd/plugins/sender_permitted_from