integration of SPF checking with exim?

[naox]

integration of SPF checking with cpanel's exim?

anyone smart managed to do this and want to share knowledge how to do this?


other issue:
spf checking sould be excluded when email is recived from dns clustered server (db file for domain exists in /var/named/) - thats because you dont want to emails from your others servers to be refused with forwarders....

 

[casey]

Many people have.

http://forums.cpanel.net/search.php?searchid=549336

 

[naox]

I see none. I'm not talking about stupid threats about how to insert txt -spf records into dns. But perhaps I missed some valuable thread...
I'm talking about how to integrate spf record checking in exim

 

[casey]

Ah, you want to check SPF records yourself. Sorry, misunderstood.
Try this one then:
http://www.tldp.org/HOWTO/Spam-Filtering-for-MX/exim-spf.html

 

[naox]

right. too bad that cpanel is using exim 4.44 that dont have integrated exiscan yet (from version 4.50) so without serious changes you cant add spf checks to it (I'm not at that level of knowledge yet with exim). and thats why I asked if someone managed to do it, and how. I'm not asking for google asistance really.

half of popular mailservers in my country already implements spf checking, and so not accepting any forwarded mail . So I dont see reason why I should not take advantage of almost no-spam (with exceptions for virus infected users computers) offered by spf records

 

[casey]

right. too bad that cpanel is using exim 4.44 that dont have integrated exiscan yet (from version 4.50) so without serious changes you cant add spf checks to it (I'm not at that level of knowledge yet with exim). and thats why I asked if someone managed to do it, and how. I'm not asking for google asistance really.

half of popular mailservers in my country already implements spf checking, and so not accepting any forwarded mail . So I dont see reason why I should not take advantage of almost no-spam (with exceptions for virus infected users computers) offered by spf records

Hmm. My exim is 4.50 with exiscan integrated...

 

[naox]

oh. I use stable build and this one have exim-4.43-40. But it is good to know that in near future it will be easy to implement spf checking, because exiscan allready got it (without taking end action - blocking email). thanks

 

[chirpy]

Then you're running an old version of exim, that latest support version in STABLE is build v4.50 #1, try:

/scripts/updatenow
/scripts/eximup

 

[kris1351]

Aren't there some negative effects of implementing SPF?

 

[chirpy]

Yes, plenty and it will do next to nothing to prevent spam, just "joe-jobs"

 

[naox]

Aren't there some negative effects of implementing SPF?

your mailserver wont accept forwarded emails anymore, from any server. That would be all...

 

[chirpy]

That's my favourite feature of SPF and why, for me, it's dead in the water :p

 

[naox]

I dont know.
Much spam originates from other mailservers than it sould as for given sender email (email 'spoofed').

Besides if reciving an email from server that posted SPF records, and your server chcecks it.. then you can be 99% sure that it originates from that email adres as pased in email (1% for open mail servers like smtp without auth, or open php, cgi mailers)


And if everyserver would publish its spf, then you could disable reciving emails without spf's - and that would make finally impossible for ppl with dyn ip to send emails - because they cant change dns records under their reverse dns hm - but thats daydream


anyway yeah... spf's wont stop spam, but it can make you more sure about author of email you're reading...

 

[naox]

Ah, you want to check SPF records yourself. Sorry, misunderstood.
Try this one then:
http://www.tldp.org/HOWTO/Spam-Filtering-for-MX/exim-spf.html

Starting exim: 2005-05-25 21:57:54 Exim configuration error in line 250 of /etc/
exim.conf:
  error in ACL: unknown ACL condition/modifier in "spf         = fail"
                                                           [FAILED]
Starting exim-smtps: 2005-05-25 21:57:54 Exim configuration error in line 250 of
 /etc/exim.conf:
  error in ACL: unknown ACL condition/modifier in "spf         = fail"

I dont think cpanels exim have spf checks integrated really
(I'm using now Exim version 4.50 #1 built 24-Mar-2005 15:00:31)

back to square one. Did anyone managed to integrate spf checks with cpanel exim?

 

[chirpy]

Not sure I understand your post. Did you actually add the SPF ACL that is required? You'll obviously need to add that before it will work, which it ought to if you're running exim v4.50
http://spf.pobox.com/exim4.spf.acl-2.09.txt

Bear in mind that you won't get support from cPanel for that as it's not part of their standard exim configuration.

 

[naox]

  # Query the SPF information for the sender address domain, if any,
  # to see if the sending host is authorized to deliver its mail.
  # If not, reject the mail.
  #
  deny
    message     = [SPF] $sender_host_address is not allowed to send mail \
                  from $sender_address_domain
    log_message = SPF check failed.
    spf         = fail


  # Add a SPF-Received: header to the message
  warn
    message     = $spf_received

you mean this one or something else? I added as above however
spf = fail
is unknow syntax

 

[chirpy]

No, I mean the one I posted from the SPF site.

 

[naox]

as far as I understand that spf acl is integrated into exiscan
http://duncanthrax.net/exiscan-acl/

 

[naox]

http://duncanthrax.net/exiscan-acl/exiscan-acl-spec.txt

8. Sender Policy Framework (SPF) support
--------------------------------------------------------------

To learn  more  about  SPF, visit   http://spf.pobox.com. This
document does   not explain  the SPF  fundamentals, you should
read and understand the implications of deploying SPF on  your
system before doing so.

SPF support is added via the libspf2 library. Visit 

  http://www.libspf2.org/
  
to obtain  a copy,  then compile  and install  it. By default,
this will  put headers  in /usr/local/include  and the  static
library in /usr/local/lib.

To compile exim with SPF support, set these additional flags in
Local/Makefile:

CFLAGS=-DSPF -I/usr/local/include
EXTRALIBS_EXIM=-L/usr/local/lib -lspf2

hmm. so I need to compile with spf support I wonder if I manage to run spf checks, will I have means to make ip whitelist for my servers. If not I sould not even go further in this one

 

[chirpy]

According to the exim v4.50 FAQ:
http://www.exim.org/exim-html-4.50/doc/html/FAQ_7.html#TOC272

You need to use the ACL I posted. You're probably better off asking on the exim mailing list.