| # SpamAssassin - SPF rules |
| # |
| # Please don't modify this file as your changes will be overwritten with |
| # the next update. Use @@LOCAL_RULES_DIR@@/local.cf instead. |
| # See 'perldoc Mail::SpamAssassin::Conf' for details. |
| # |
| # <@LICENSE> |
| # Licensed to the Apache Software Foundation (ASF) under one or more |
| # contributor license agreements. See the NOTICE file distributed with |
| # this work for additional information regarding copyright ownership. |
| # The ASF licenses this file to you under the Apache License, Version 2.0 |
| # (the "License"); you may not use this file except in compliance with |
| # the License. You may obtain a copy of the License at: |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| # </@LICENSE> |
| # |
| ########################################################################### |
| |
| # Requires the Mail::SpamAssassin::Plugin::SPF plugin be loaded. |
| |
| ifplugin Mail::SpamAssassin::Plugin::SPF |
| |
| # SPF support: |
| # "pass" is nice |
| # "neutral" is somewhat bad |
| # "fail" is bad |
| # "softfail" is bad, but not as bad as "fail" |
| # "permerror" is very bad, and means the domain doesn't have a valid spf record |
| # These are more trustworthy results than the SPF_HELO rules. |
| |
| # some are "userconf" so that scores are set by hand? |
| |
| header SPF_PASS eval:check_for_spf_pass() |
| describe SPF_PASS SPF: sender matches SPF record |
| tflags SPF_PASS nice userconf net |
| reuse SPF_PASS |
| |
| header SPF_NEUTRAL eval:check_for_spf_neutral() |
| describe SPF_NEUTRAL SPF: sender does not match SPF record (neutral) |
| tflags SPF_NEUTRAL net |
| reuse SPF_NEUTRAL |
| |
| header SPF_FAIL eval:check_for_spf_fail() |
| describe SPF_FAIL SPF: sender does not match SPF record (fail) |
| tflags SPF_FAIL net |
| reuse SPF_FAIL |
| |
| header SPF_SOFTFAIL eval:check_for_spf_softfail() |
| describe SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) |
| tflags SPF_SOFTFAIL net |
| reuse SPF_SOFTFAIL |
| |
| |
| # NOTE: SPF_HELO_PASS is not incredibly hard to fake, so shouldn't |
| # provide much in the way of points compared to SPF_PASS et al. |
| # However, a *failure* is still a very good spamsign. |
| |
| header SPF_HELO_PASS eval:check_for_spf_helo_pass() |
| describe SPF_HELO_PASS SPF: HELO matches SPF record |
| tflags SPF_HELO_PASS nice userconf net |
| reuse SPF_HELO_PASS |
| |
| header SPF_HELO_NEUTRAL eval:check_for_spf_helo_neutral() |
| describe SPF_HELO_NEUTRAL SPF: HELO does not match SPF record (neutral) |
| tflags SPF_HELO_NEUTRAL net |
| reuse SPF_HELO_NEUTRAL |
| |
| header SPF_HELO_FAIL eval:check_for_spf_helo_fail() |
| describe SPF_HELO_FAIL SPF: HELO does not match SPF record (fail) |
| tflags SPF_HELO_FAIL net |
| reuse SPF_HELO_FAIL |
| |
| header SPF_HELO_SOFTFAIL eval:check_for_spf_helo_softfail() |
| describe SPF_HELO_SOFTFAIL SPF: HELO does not match SPF record (softfail) |
| tflags SPF_HELO_SOFTFAIL net |
| reuse SPF_HELO_SOFTFAIL |
| |
| # Implementing the Sender Check for No SPF REcord defaulting to disabled so Admins can override |
| header SPF_NONE eval:check_for_spf_none() |
| describe SPF_NONE SPF: sender does not publish an SPF Record |
| tflags SPF_NONE net |
| reuse SPF_NONE |
| |
| header SPF_HELO_NONE eval:check_for_spf_helo_none() |
| describe SPF_HELO_NONE SPF: HELO does not publish an SPF Record |
| tflags SPF_HELO_NONE net |
| reuse SPF_HELO_NONE |
| |
| |
| |
| if can(Mail::SpamAssassin::Plugin::SPF::has_check_for_spf_errors) |
| |
| header T_SPF_PERMERROR eval:check_for_spf_permerror() |
| describe T_SPF_PERMERROR SPF: test of record failed (permerror) |
| tflags T_SPF_PERMERROR net |
| reuse T_SPF_PERMERROR |
| |
| header T_SPF_TEMPERROR eval:check_for_spf_temperror() |
| describe T_SPF_TEMPERROR SPF: test of record failed (temperror) |
| tflags T_SPF_TEMPERROR net |
| reuse T_SPF_TEMPERROR |
| |
| header T_SPF_HELO_PERMERROR eval:check_for_spf_helo_permerror() |
| describe T_SPF_HELO_PERMERROR SPF: test of HELO record failed (permerror) |
| tflags T_SPF_HELO_PERMERROR net |
| reuse T_SPF_HELO_PERMERROR |
| |
| header T_SPF_HELO_TEMPERROR eval:check_for_spf_helo_temperror() |
| describe T_SPF_HELO_TEMPERROR SPF: test of HELO record failed (temperror) |
| tflags T_SPF_HELO_TEMPERROR net |
| reuse T_SPF_HELO_TEMPERROR |
| |
| endif |
| |
| |
| |
| endif # Mail::SpamAssassin::Plugin::SPF |