https://bugzilla.redhat.com/show_bug.cgi?id=905304 Matt Domsch <matt_domsch@xxxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |paul@xxxxxxxxxxxx --- Comment #49 from Matt Domsch <matt_domsch@xxxxxxxx> --- (In reply to Patrick from comment #7) > Adam: I was wondering the same thing and did some digging. An SPF checking > policy needs to be setup in /etc/postfix/main.cf > smtpd_recipient_restrictions section so that an SPF check result is added to > the email headers which can then be evaluated by OpenDMARC. Afaict these are > the two main SPF milters (the python one is actively developed): > > postfix-policyd-spf-python https://launchpad.net/pypolicyd-spf/ > postfix-policyd-spf-perl https://launchpad.net/postfix-policyd-spf-perl/ For sendmail, there is also smf-spf, which is by all accounts unmaintained but it seems to work well enough. It uses libspf2. Paul Howarth (now copied) packaged these up. I've updated libspf2 to the latest version from upstream github. These http://domsch.com/fedora/libspf2/ has SRPMS, spec, and the selinux changes necessary. All credit to Paul. To review these properly, we will also need to get an selinux policy change in place for smf-spf to allow a domain socket. It seems crazy to me that each new milter gets its own foo_milter_t defined, and then only to allow its own socket to exist and be used to talk to sendmail, but I leave that up to the SELinux gods. -- You are receiving this mail because: You are always notified about changes to this product and component _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review