Bug 1057876
Summary: | Review Request: smf-spf - Mail filter for Sender Policy Framework verification | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Matt Domsch <matt_domsch> |
Component: | Package Review | Assignee: | Nobody's working on this, feel free to take it <nobody> |
Status: | CLOSED WONTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | aschorr, cristian.ciupitu, herrold, package-review, paul, samuel-rhbugs, xavier |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-10-01 13:56:32 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1057874 | ||
Bug Blocks: |
Description
Matt Domsch
2014-01-25 15:51:59 UTC
All credit goes to Paul Howarth for this. We are also actively trying to find out who is maintaining this upstream anymore, as the original author appears to have disappeared from the Internet (all addresses fail, SF account is deactivated). SELinux policy update needed to it can open a unix domain socket to talk to sendmail, rather than listen on a TCP port. Paul wrote this policy, which is a combination of smf-spf and another program, smf-sav. http://domsch.com/fedora/libspf2/smfs.te Hi, Thanks for doing this work. This is sorely needed. Why does the spec file declare a dependency on sendmail? Requires: sendmail >= 8.12 Our site uses postfix. As far as I can tell, this dependency is not required. Can you please remove it? Thanks, Andy It may also make sense to add a minor patch to remove this gratuitous header that is inserted into every message: X-SPF-Scan-By: smf-spf v2.0.2 - http://smfs.sf.net/ That seems to server no particular purpose, and the URL is not even valid any more. There are some patches here that may be worth considering: http://www.trusteddomain.org/pipermail/opendmarc-users/2013-June/000153.html They remove the header and make a few other small changes. I'm not sure whether they are all desirable, but certainly removing or at least fixing that header makes sense. Regards, Andy I am withdrawing this packaging request, as opendmarc now implements SPF testing internally. https://bugzilla.redhat.com/show_bug.cgi?id=1057876 is the opendmarc package review. https://bugzilla.redhat.com/show_bug.cgi?id=905304 is the opendmarc package review, not 1057876. |