spfquery.pyspf(1) General Commands Manual spfquery.pyspf(1)NAME
spfquery.pyspf - pure-Python spfquery script
VERSION
2.0.4
DESCRIPTION
The spfquery script is a Python reimplementination of Wayne Schlitt's spfquery command line tool.
USAGE
The spfquery script is called with a number of possible options. Options can either use standard '-' prefix or be PERL style long options,
'--'. Supported options are:
"--file" or "-file" {filename}: Read the query (or queries) from the designated
file. If {filename} is '0', then query inputs are read from STDIN.
"--ip" or "-ip" {address}: Client IP address to use for SPF check.
"--sender" or "-sender" {Mail From address}: Envelope sender from which mail was
received.
"--helo" or "-helo" {client hostname}: HELO/EHLO name used by SMTP client.
"--local" or "-local" {local policy SPF string}: Additional SPF mechanisms to be
checked on the basis of local policy. Note that local policy matches are
not strictly SPF results. Local policy processing is not defined in RFC
4408. Result may vary among SPF implementations.
"--rcpt-to" or "rcpt-to" {rcpt-to address - if available}: Receipt to address is
not used for actual SPF processing, but if available it can be useful for
logging, spf-received header construction, and providing useful rejection
messages when messages are rejected due to SPF.
"--default-explanation" or "-default-explanation" {explanation string}: Default
Fail explanation string to be used.
"--sanitize" or "-sanitize" and "--debug" or "-debug": These options are no-op
in the Python implementation, but are valid inputs to provide compatibliity
with input files developed to work with the original PERL and C spfquery
implementations.
EXAMPLE
spfquery --sender scott@example.com --ip 192.0.2.0 [other options ...]
SEE ALSO
RFC 4408, <http://www.openspf.org>
AUTHORS
This version of spfquery was written by Stuart Gathman <stuart@bmsi.com>.
This man-page was created by Scott Kitterman <scott@kitterman.com>.
2007-01-16 spfquery.pyspf(1)
Check Out this Related Man Page
python-spf(1) General Commands Manual python-spf(1)NAME
pyspf - pure-Python SPF library
VERSION
2.0.7
DESCRIPTION
SPF does email sender validation. For more information about SPF, please see http://www.openspf.org/
One incompatible change was introduced in version 1.7. Prior to version 1.7, connections from a local IP address (127...) would always
return a Pass result. The special case was eliminated. Programs calling pySPF should not do SPF checks on locally submitted mail.
This SPF client is intended to be installed on the border MTA, checking if incoming SMTP clients are permitted to forward mail. The SPF
check should be done during the MAIL FROM:<...> command.
USAGE
There are multiple ways to use this package:
To check an incoming mail request:
% pyspf [-v] {ip} {sender} {helo}
% pyspf 69.55.226.139 tway@optsw.com mx1.wayforward.net
To test an SPF record:
% pyspf [-v] "v=spf1..." {ip} {sender} {helo}
% pyspf "v=spf1 +mx +ip4:10.0.0.1 -all" 10.0.0.1 tway@foo.com a
To fetch an SPF record:
% pyspf {domain}
% pyspf wayforward.net
To test this script (and to output this usage message):
% pyspf
For instance, during an SMTP exchange from client 69.55.226.139::
S: 220 mail.example.com ESMTP Postfix
C: EHLO mx1.wayforward.net
S: 250-mail.example.com
S: ...
S: 250 8BITMIME
C: MAIL FROM:<terry@wayforward.net>
Then the following command line would check if this is a valid sender:
% pyspf 69.55.226.139 terry@wayforward.net mx1.wayforward.net
('pass', 250, 'sender SPF authorized')
Command line calls return RFC 4408 result codes, i.e. 'pass', 'fail', 'neutral', 'softfail, 'permerror', or 'temperror'.
RFC 4408 TEST SUITE
The package also installs the python-spf test driver and the current (as of the release date) YAML (Yet Another Markup Language) RFC 4408
test definitions. As errors or improvements in the test definitions are approved, they are available from:
<http://www.openspf.net/Test_Suite>
To run the test suite, change the directory the test suite is installed in:
$ cd /usr/share/doc/python-spf
Uncompress testspf.py.gz, testspf.py.gz, and rfc4408-tests.yml.gz
and then run testspf.py:
$ python testspf.py
The test suite supports multiple allowed results with a warning for a non-preferred result. For the current version, the expected results
are:
WARN: invalid-domain-long in rfc4408-tests.yml, ['8.1/2', '5/10']: fail
preferred to temperror
WARN: txttimeout in rfc4408-tests.yml, 4.4/1: fail preferred to temperror
WARN: spfoverride in rfc4408-tests.yml, 4.5/5: pass preferred to fail
WARN: multitxt1 in rfc4408-tests.yml, 4.5/5: pass preferred to permerror
WARN: multispf2 in rfc4408-tests.yml, 4.5/6: permerror preferred to pass
OTHER PROGRAMS
This package also provides two additional helper scripts; type99.py and spfquery.py. The type99.py script will convert DNS TXT strings to
a binary equivalent suitable for use in a BIND zone file. The spfquery.py script is a Python reimplementination of Wayne Schlitt's spf-
query command line tool. These scripts are described in pyspf-type99(1) and spfquery.pyspf(1) man pages.
SEE ALSO
RFC 4408, <http://www.openspf.org>
AUTHORS
This version of pyspf was written by Terence Way <terry-spf@wayforward.net> and updated by Stuart Gathman <stuart@bmsi.com> and Scott Kit-
terman <scott@kitterman.com>.
This man-page was created by Scott Kitterman <scott@kitterman.com>.
2012-02-05 python-spf(1)