# SpamAssassin - SPF rules # # Please don't modify this file as your changes will be overwritten with # the next update. Use @@LOCAL_RULES_DIR@@/local.cf instead. # See 'perldoc Mail::SpamAssassin::Conf' for details. # # <@LICENSE> # Licensed to the Apache Software Foundation (ASF) under one or more # contributor license agreements. See the NOTICE file distributed with # this work for additional information regarding copyright ownership. # The ASF licenses this file to you under the Apache License, Version 2.0 # (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at: # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # # ########################################################################### # Requires the Mail::SpamAssassin::Plugin::SPF plugin be loaded. ifplugin Mail::SpamAssassin::Plugin::SPF # SPF support: # "pass" is nice # "neutral" is somewhat bad # "fail" is bad # "softfail" is bad, but not as bad as "fail" # "permerror" is very bad, and means the domain doesn't have a valid spf record # These are more trustworthy results than the SPF_HELO rules. header SPF_PASS eval:check_for_spf_pass() header SPF_NEUTRAL eval:check_for_spf_neutral() header SPF_FAIL eval:check_for_spf_fail() header SPF_SOFTFAIL eval:check_for_spf_softfail() if can(Mail::SpamAssassin::Plugin::SPF::has_check_for_spf_errors) header T_SPF_PERMERROR eval:check_for_spf_permerror() header T_SPF_TEMPERROR eval:check_for_spf_temperror() endif # NOTE: SPF_HELO_PASS is not incredibly hard to fake, so shouldn't # provide much in the way of points compared to SPF_PASS et al. # However, a *failure* is still a very good spamsign. header SPF_HELO_PASS eval:check_for_spf_helo_pass() header SPF_HELO_NEUTRAL eval:check_for_spf_helo_neutral() header SPF_HELO_FAIL eval:check_for_spf_helo_fail() header SPF_HELO_SOFTFAIL eval:check_for_spf_helo_softfail() if can(Mail::SpamAssassin::Plugin::SPF::has_check_for_spf_errors) header T_SPF_HELO_PERMERROR eval:check_for_spf_helo_permerror() header T_SPF_HELO_TEMPERROR eval:check_for_spf_helo_temperror() endif describe SPF_PASS SPF: sender matches SPF record describe SPF_NEUTRAL SPF: sender does not match SPF record (neutral) describe SPF_FAIL SPF: sender does not match SPF record (fail) describe SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) describe SPF_HELO_PASS SPF: HELO matches SPF record describe SPF_HELO_NEUTRAL SPF: HELO does not match SPF record (neutral) describe SPF_HELO_FAIL SPF: HELO does not match SPF record (fail) describe SPF_HELO_SOFTFAIL SPF: HELO does not match SPF record (softfail) if can(Mail::SpamAssassin::Plugin::SPF::has_check_for_spf_errors) describe T_SPF_PERMERROR SPF: test of record failed (permerror) describe T_SPF_TEMPERROR SPF: test of record failed (temperror) describe T_SPF_HELO_PERMERROR SPF: test of HELO record failed (permerror) describe T_SPF_HELO_TEMPERROR SPF: test of HELO record failed (temperror) endif # these are "userconf" so that scores are set by hand tflags SPF_PASS nice userconf net tflags SPF_HELO_PASS nice userconf net tflags SPF_NEUTRAL net tflags SPF_FAIL net tflags SPF_SOFTFAIL net tflags SPF_HELO_NEUTRAL net tflags SPF_HELO_FAIL net tflags SPF_HELO_SOFTFAIL net if can(Mail::SpamAssassin::Plugin::SPF::has_check_for_spf_errors) tflags T_SPF_HELO_PERMERROR net tflags T_SPF_HELO_TEMPERROR net tflags T_SPF_PERMERROR net tflags T_SPF_TEMPERROR net endif # rules from earlier than current release that can be reused reuse SPF_PASS reuse SPF_FAIL reuse SPF_SOFTFAIL reuse SPF_HELO_PASS reuse SPF_HELO_FAIL reuse SPF_HELO_SOFTFAIL reuse SPF_NEUTRAL reuse SPF_HELO_NEUTRAL if can(Mail::SpamAssassin::Plugin::SPF::has_check_for_spf_errors) reuse T_SPF_PERMERROR reuse T_SPF_TEMPERROR reuse T_SPF_HELO_PERMERROR reuse T_SPF_HELO_TEMPERROR endif # Implementing the Sender Check for No SPF REcord defaulting to disabled so Admins can override header SPF_NONE eval:check_for_spf_none() describe SPF_NONE SPF: sender does not publish an SPF Record header SPF_HELO_NONE eval:check_for_spf_helo_none() describe SPF_HELO_NONE SPF: HELO does not publish an SPF Record endif # Mail::SpamAssassin::Plugin::SPF