- In master.cf:
spf-policy unix - n n - - spawn
user=nobody argv=/usr/sbin/policyd-spf-fs [options]
DESCRIPTIONThis manual page documents briefly the policyd-spf-fs command. It was written for the Debian® distribution because the original program initially didn't have a manual page (it does now, but the maintainer feels that this one is a little better).
policyd-spf-fs performs Sender Policy Framework (SPF) authorization checks based on queries sent to it on standard input following a special protocol. For more information on this protocol see the Postfix documentation in the postfix-doc package. For information on SPF see http://www.openspf.org.
OPTIONSThis programs follows the GNU getopt_long_only(3) command line syntax: Long options can be given with one or two dashes and can be abbreviated to a prefix long enough to be non-ambiguous. If an option starting with a single dash doesn't match a long option, it is taken as a short option with a following parameter, if applicable. An equals sign between the option name and the parameter is optional for both short and long options.
- -d, --debug [level]
- Turn on debugging output. A level of 3 or higher is passed to libspf2 (as level-2). Level 1 and 2 is only used by the daemon itself.
- -l, --local spf-terms
- Test against spf-terms before the final (implicit or explicit) "all" in an SPF record. This can be used to implement a local policy for whitelisting.
- -t, --trusted 
- Check the sender domain with trusted-forwarder.org. This is a non-standard feature.
- -t 0, --trusted 0
- Do not check the sender domain with trusted-forwarder.org. This is the default.
- -g, --guess spf-mechanisms
- Test the sender domain against spf-mechanisms if the domain has no SPF record.
- -e, --default-explanation string
- Default explanation string to use if the SPF record does not specify an explanation string itself.
- -m, --max-lookup number
- Maximum number of DNS lookups to allow.
- -c, --sanitize [0|1]
- Do [not] sanitize the output by condensing consecutive whitespace into a single space and replacing non-printable characters with question marks. Enabled by default.
- -n, --name hostname
- Use hostname as the name of the local system instead of looking it up (the name is used in the output).
- -a, --override ...
- -z, --fallback ...
- Provide override and fallback SPF records for certain domains. Not implemented yet. policyd-spf-fs would act as if the specified records were present before and after any existing record, respectively, of those domains.
- Show summary of options.
- -v, --version
- Show version of program.
BUGSYes, this program is an early development stage. Among other things, several of the spfquery options are semi-recognized, which may give confusing results.
AUTHORpolicyd-spf-fs was written by Matthias Cramer.
This manual page was written by Magnus Holmgren for the Debian® system (but may be used by others), based on the manpage for spfquery(1), which was in turn heavily inspired by the spfquery manpage of libmail-spf-query-perl (spfquery.mail-spf-query-perl(1)) by Julian Mehnle.
COPYRIGHTCopyright © 2007 Magnus Holmgren. Permission is granted to copy, distribute and/or modify this document under the terms of the BSD License.
On Debian systems, the complete text of the BSD License can be found in /usr/share/common-licenses/BSD.