FreeBSD Bugzilla – Attachment 115334 Details for
Bug 157107
conflict between mail/p5-Mail-SPF and mail/libspf2
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
p5-Mail-SPF.patch
p5-Mail-SPF.patch (text/x-diff; charset=us-ascii), 52.82 KB, created by
gmc
on 2011-05-24 18:58:20 UTC
(
hide
)
Description:
p5-Mail-SPF.patch
Filename:
MIME Type:
Creator:
gmc
Created:
2011-05-24 18:58:20 UTC
Size:
52.82 KB
patch
obsolete
>diff -Naur p5-Mail-SPF.dist/Makefile p5-Mail-SPF/Makefile >--- p5-Mail-SPF.dist/Makefile 2009-11-15 10:07:11.000000000 +0100 >+++ p5-Mail-SPF/Makefile 2011-05-24 19:52:00.000000000 +0200 >@@ -15,6 +15,9 @@ > MAINTAINER= gmc@sonologic.nl > COMMENT= Reference implementation of the RFC 4408 SPF protocol > >+OPTIONS= SPFQUERY "Install spfquery command-line tool" on \ >+ SPFQUERY_SUFFIX "Add .pl suffix to spfquery" off >+ > RUN_DEPENDS= p5-Net-DNS-Resolver-Programmable>=0.002.1:${PORTSDIR}/dns/p5-Net-DNS-Resolver-Programmable \ > p5-Net-DNS>=0.58:${PORTSDIR}/dns/p5-Net-DNS \ > p5-version>0:${PORTSDIR}/devel/p5-version \ >@@ -28,7 +31,6 @@ > PERL_MODBUILD= 5.6.0+ > CONFIGURE_ARGS= --install_path sbin=${PREFIX}/sbin > >-MAN1= spfquery.1 > MAN3= Mail::SPF.3 Mail::SPF::Mech::PTR.3 Mail::SPF::Mech.3 \ > Mail::SPF::SenderIPAddrMech.3 Mail::SPF::MacroString.3 \ > Mail::SPF::Mech::IP4.3 Mail::SPF::Mech::A.3 \ >@@ -45,6 +47,24 @@ > DOCSDIR= ${PREFIX}/share/doc/p5-Mail-SPF > DOCS= CHANGES INSTALL LICENSE README TODO > >+.if defined(WITH_SPFQUERY) >+PLIST_SUB+= SPFQUERY="" >+ >+.if defined(WITH_SPFQUERY_SUFFIX) >+PLIST_SUB+= SPFQUERY_SUFFIX=".pl" >+EXTRA_PATCHES+= ${FILESDIR}/extra-patch-spfquery-suffix >+MAN1+= spfquery.pl.1 >+.else >+PLIST_SUB+= SPFQUERY_SUFFIX="" >+MAN1+= spfquery.1 >+CONFLICTS+= libspf2* >+.endif >+ >+.else >+PLIST_SUB+= SPFQUERY="@comment " >+EXTRA_PATCHES+= ${FILESDIR}/extra-patch-no-spfquery >+.endif >+ > post-install: > .if !defined(NOPORTDOCS) > @${MKDIR} ${DOCSDIR} >diff -Naur p5-Mail-SPF.dist/files/extra-patch-no-spfquery p5-Mail-SPF/files/extra-patch-no-spfquery >--- p5-Mail-SPF.dist/files/extra-patch-no-spfquery 1970-01-01 01:00:00.000000000 +0100 >+++ p5-Mail-SPF/files/extra-patch-no-spfquery 2011-05-24 19:30:10.000000000 +0200 >@@ -0,0 +1,33 @@ >+diff -Naur orig/Build.PL Build.PL >+--- orig/Build.PL 2009-10-31 23:16:14.000000000 +0100 >++++ Build.PL 2011-05-24 19:27:19.000000000 +0200 >+@@ -66,7 +66,6 @@ >+ => 'v0.002.1', >+ }, >+ script_files => [ >+- 'bin/spfquery' >+ ], >+ install_path => { >+ 'sbin' => '/usr/sbin' >+diff -Naur orig/MANIFEST MANIFEST >+--- orig/MANIFEST 2009-10-31 23:16:14.000000000 +0100 >++++ MANIFEST 2011-05-24 19:26:56.000000000 +0200 >+@@ -1,4 +1,3 @@ >+-bin/spfquery >+ Build.PL >+ CHANGES >+ debian/changelog >+diff -Naur orig/README README >+--- orig/README 2009-10-31 23:16:14.000000000 +0100 >++++ README 2011-05-24 19:27:05.000000000 +0200 >+@@ -12,9 +12,8 @@ >+ This release of Mail::SPF fully conforms to RFC 4408 and passes the 2008.08 >+ release of the official test-suite <http://www.openspf.org/Test_Suite>. >+ >+-The Mail::SPF source package includes the following additional tools: >++The Mail::SPF source package includes the following additional tool: >+ >+- * spfquery: A command-line tool for performing SPF checks. >+ * spfd: A daemon for services that perform SPF checks frequently. >+ >+ Mail::SPF is not your mother! >diff -Naur p5-Mail-SPF.dist/files/extra-patch-spfquery-suffix p5-Mail-SPF/files/extra-patch-spfquery-suffix >--- p5-Mail-SPF.dist/files/extra-patch-spfquery-suffix 1970-01-01 01:00:00.000000000 +0100 >+++ p5-Mail-SPF/files/extra-patch-spfquery-suffix 2011-05-24 19:41:56.000000000 +0200 >@@ -0,0 +1,1505 @@ >+diff -Naur orig/Build.PL Build.PL >+--- orig/Build.PL 2009-10-31 23:16:14.000000000 +0100 >++++ Build.PL 2011-05-24 19:40:10.000000000 +0200 >+@@ -66,7 +66,7 @@ >+ => 'v0.002.1', >+ }, >+ script_files => [ >+- 'bin/spfquery' >++ 'bin/spfquery.pl' >+ ], >+ install_path => { >+ 'sbin' => '/usr/sbin' >+diff -Naur orig/MANIFEST MANIFEST >+--- orig/MANIFEST 2009-10-31 23:16:14.000000000 +0100 >++++ MANIFEST 2011-05-24 19:40:36.000000000 +0200 >+@@ -1,4 +1,4 @@ >+-bin/spfquery >++bin/spfquery.pl >+ Build.PL >+ CHANGES >+ debian/changelog >+diff -Naur orig/README README >+--- orig/README 2009-10-31 23:16:14.000000000 +0100 >++++ README 2011-05-24 19:40:54.000000000 +0200 >+@@ -14,8 +14,8 @@ >+ >+ The Mail::SPF source package includes the following additional tools: >+ >+- * spfquery: A command-line tool for performing SPF checks. >+- * spfd: A daemon for services that perform SPF checks frequently. >++ * spfquery.pl: A command-line tool for performing SPF checks. >++ * spfd: A daemon for services that perform SPF checks frequently. >+ >+ Mail::SPF is not your mother! >+ ----------------------------- >+diff -Naur orig/bin/spfquery bin/spfquery >+--- orig/bin/spfquery 2009-10-31 23:16:14.000000000 +0100 >++++ bin/spfquery 1970-01-01 01:00:00.000000000 +0100 >+@@ -1,731 +0,0 @@ >+-#!/usr/bin/perl >+- >+-# >+-# spfquery: Command-line tool for performing SPF queries >+-# >+-# (C) 2005-2008 Julian Mehnle <julian@mehnle.net> >+-# 2004 Wayne Schlitt <wayne@schlitt.net> >+-# $Id: spfquery 138 2006-01-22 18:00:34Z julian $ >+-# >+-############################################################################## >+- >+-=head1 NAME >+- >+-spfquery - (Mail::SPF) - Checks if a given set of e-mail parameters matches a >+-domain's SPF policy >+- >+-=head1 VERSION >+- >+-2.501 >+- >+-=head1 SYNOPSIS >+- >+-=over >+- >+-=item B<Preferred usage:> >+- >+-B<spfquery> [B<--versions>|B<-v> B<1>|B<2>|B<1,2>] [B<--scope>|B<-s> B<helo>|B<mfrom>|B<pra>] >+-B<--identity>|B<--id> I<identity> B<--ip-address>|B<--ip> I<ip-address> >+-[B<--helo-identity>|B<--helo-id> I<helo-identity>] [I<OPTIONS>] >+- >+-B<spfquery> [B<--versions>|B<-v> B<1>|B<2>|B<1,2>] [B<--scope>|B<-s> B<helo>|B<mfrom>|B<pra>] >+-B<--file>|B<-f> I<filename>|B<-> [I<OPTIONS>] >+- >+-=item B<Legacy usage:> >+- >+-B<spfquery> B<--helo> I<helo-identity> B<--ip-address>|B<--ip> I<ip-address> [I<OPTIONS>] >+- >+-B<spfquery> B<--mfrom> I<mfrom-identity> B<--ip-address>|B<--ip> I<ip-address> >+-[B<--helo> I<helo-identity>] [I<OPTIONS>] >+- >+-B<spfquery> B<--pra> I<pra-identity> B<--ip-address>|B<--ip> I<ip-address> [I<OPTIONS>] >+- >+-=item B<Other usage:> >+- >+-B<spfquery> B<--version>|B<-V> >+- >+-B<spfquery> B<--help> >+- >+-=back >+- >+-=head1 DESCRIPTION >+- >+-B<spfquery> checks if a given set of e-mail parameters (e.g., the SMTP sender's >+-IP address) matches the responsible domain's Sender Policy Framework (SPF) >+-policy. For more information on SPF see L<http://www.openspf.org>. >+- >+-=head2 Preferred Usage >+- >+-The following usage forms are preferred over the L<legacy forms|/Legacy usage> >+-used by older B<spfquery> versions: >+- >+-The B<--identity> form checks if the given I<ip-address> is an authorized SMTP >+-sender for the given C<helo> hostname, C<mfrom> envelope sender e-mail address, >+-or C<pra> (so-called purported resonsible address) e-mail address, depending >+-on the value of the B<--scope> option (which defaults to B<mfrom> if omitted). >+- >+-The B<--file> form reads "I<ip-address> I<identity> [I<helo-identity>]" tuples >+-from the file with the specified I<filename>, or from standard input if >+-I<filename> is B<->, and checks them against the specified scope (B<mfrom> by >+-default). >+- >+-Both forms support an optional B<--versions> option, which specifies a >+-comma-separated list of the SPF version numbers of SPF records that may be >+-used. B<1> means that C<v=spf1> records should be used. B<2> means that >+-C<spf2.0> records should be used. Defaults to B<1,2>, i.e., uses any SPF >+-records that are available. Records of a higher version are preferred. >+- >+-=head2 Legacy Usage >+- >+-B<spfquery> versions before 2.500 featured the following usage forms, which are >+-discouraged but still supported for L<backwards compatibility|/COMPATIBILITY>: >+- >+-The B<--helo> form checks if the given I<ip-address> is an authorized SMTP >+-sender for the C<HELO> hostname given as the I<identity> (so-called C<HELO> >+-check). >+- >+-The B<--mfrom> form checks if the given I<ip-address> is an authorized SMTP >+-sender for the envelope sender email-address (or domain) given as the >+-I<identity> (so-called C<MAIL FROM> check). If a domain is given instead of an >+-e-mail address, C<postmaster> will be substituted for the localpart. >+- >+-The B<--pra> form checks if the given I<ip-address> is an authorized SMTP >+-sender for the PRA (Purported Responsible Address) e-mail address given as the >+-identity. >+- >+-=head2 Other Usage >+- >+-The B<--version> form prints version information of spfquery. The B<--help> >+-form prints usage information for spfquery. >+- >+-=head1 OPTIONS >+- >+-=head2 Standard Options >+- >+-The preferred and legacy forms optionally take any of the following >+-I<OPTIONS>: >+- >+-=over >+- >+-=item B<--default-explanation> I<string> >+- >+-=item B<--def-exp> I<string> >+- >+-Use the specified I<string> as the default explanation if the authority domain >+-does not specify an explanation string of its own. >+- >+-=item B<--hostname> I<hostname> >+- >+-Use I<hostname> as the host name of the local system instead of auto-detecting >+-it. >+- >+-=item B<--keep-comments> >+- >+-=item B<--no-keep-comments> >+- >+-Do (not) print any comments found when reading from a file or from standard >+-input. >+- >+-=item B<--sanitize> (currently ignored) >+- >+-=item B<--no-sanitize> (currently ignored) >+- >+-Do (not) sanitize the output by condensing consecutive white-space into a >+-single space and replacing non-printable characters with question marks. >+-Enabled by default. >+- >+-=item B<--debug> (currently ignored) >+- >+-Print out debug information. >+- >+-=back >+- >+-=head2 Black Magic Options >+- >+-Several options that were supported by earlier versions of B<spfquery> are >+-considered black magic (i.e. potentially dangerous for the innocent user) and >+-are thus disabled by default. If the L<B<Mail::SPF::BlackMagic>> Perl module >+-is installed, they may be enabled by specifying B<--enable-black-magic>. >+- >+-=over >+- >+-=item B<--max-dns-interactive-terms> I<n> >+- >+-Evaluate a maximum of I<n> DNS-interactive mechanisms and modifiers per SPF >+-check. Defaults to B<10>. Do I<not> override the default unless you know what >+-you are doing! >+- >+-=item B<--max-name-lookups-per-term> I<n> >+- >+-Perform a maximum of I<n> DNS name look-ups per mechanism or modifier. >+-Defaults to B<10>. Do I<not> override the default unless you know what you are >+-doing! >+- >+-=item B<--authorize-mxes-for> I<email-address>|I<domain>B<,>... >+- >+-Consider all the MXes of the comma-separated list of I<email-address>es and >+-I<domain>s as inherently authorized. >+- >+-=item B<--tfwl> >+- >+-Perform C<trusted-forwarder.org> accreditation checking. >+- >+-=item B<--guess> I<spf-terms> >+- >+-Use I<spf-terms> as a default record if no SPF record is found. >+- >+-=item B<--local> I<spf-terms> >+- >+-Process I<spf-terms> as local policy before resorting to a default result >+-(the implicit or explicit C<all> mechanism at the end of the domain's SPF >+-record). For example, this could be used for white-listing one's secondary >+-MXes: C<mx:mydomain.example.org>. >+- >+-=item B<--override> I<domain>B<=>I<spf-record> >+- >+-=item B<--fallback> I<domain>B<=>I<spf-record> >+- >+-Set overrides and fallbacks. Each option can be specified multiple times. For >+-example: >+- >+- --override example.org='v=spf1 -all' >+- --override '*.example.net'='v=spf1 a mx -all' >+- --fallback example.com='v=spf1 -all' >+- >+-=back >+- >+-=head1 RESULT CODES >+- >+-=over 12 >+- >+-=item B<pass> >+- >+-The specified IP address is an authorized SMTP sender for the identity. >+- >+-=item B<fail> >+- >+-The specified IP address is not an authorized SMTP sender for the identity. >+- >+-=item B<softfail> >+- >+-The specified IP address is not an authorized SMTP sender for the identity, >+-however the authority domain is still testing out its SPF policy. >+- >+-=item B<neutral> >+- >+-The identity's authority domain makes no assertion about the status of the IP >+-address. >+- >+-=item B<permerror> >+- >+-A permanent error occurred while evaluating the authority domain's policy >+-(e.g., a syntax error in the SPF record). Manual intervention is required >+-from the authority domain. >+- >+-=item B<temperror> >+- >+-A temporary error occurred while evaluating the authority domain's policy >+-(e.g., a DNS error). Try again later. >+- >+-=item B<none> >+- >+-There is no applicable SPF policy for the identity domain. >+- >+-=back >+- >+-=head1 EXIT CODES >+- >+- Result | Exit code >+- -----------+----------- >+- pass | 0 >+- fail | 1 >+- softfail | 2 >+- neutral | 3 >+- permerror | 4 >+- temperror | 5 >+- none | 6 >+- >+-=head1 EXAMPLES >+- >+- spfquery --scope mfrom --id user@example.com --ip 1.2.3.4 >+- spfquery --file test_data >+- echo "127.0.0.1 user@example.com helohost.example.com" | spfquery -f - >+- >+-=head1 COMPATIBILITY >+- >+-B<spfquery> has undergone the following interface changes compared to earlier >+-versions: >+- >+-=over >+- >+-=item B<2.500> >+- >+-=over >+- >+-=item * >+- >+-A new preferred usage style for performing individual SPF checks has been >+-introduced. The new style accepts a unified B<--identity> option and an >+-optional B<--scope> option that specifies the type (scope) of the identity. In >+-contrast, the legacy usage style requires a separate usage form for every >+-supported scope. See L</Preferred usage> and L</Legacy usage> for details. >+- >+-=item * >+- >+-The former C<unknown> and C<error> result codes have been renamed to C<permerror> >+-and C<temperror>, respectively, in order to comply with RFC 4408 terminology. >+- >+-=item * >+- >+-SPF checks with an empty identity are no longer supported. In the case of an >+-empty C<MAIL FROM> SMTP transaction parameter, perform a check with the C<helo> >+-scope directly. >+- >+-=item * >+- >+-The B<--debug> and B<--(no-)sanitize> options are currently ignored by this >+-version of B<spfquery>. They will again be supported in the future. >+- >+-=item * >+- >+-Several features that were supported by earlier versions of B<spfquery> are >+-considered black magic and thus are now disabled by default. See L</Black >+-Magic Options>. >+- >+-=item * >+- >+-Several option names have been deprecated. This is a list of them and their >+-preferred synonyms: >+- >+- Deprecated options | Preferred options >+- ---------------------+----------------------------- >+- --sender, -s | --mfrom >+- --ipv4, -i | --ip-address, --ip >+- --name | --hostname >+- --max-lookup-count, | --max-dns-interactive-terms >+- --max-lookup | >+- --rcpt-to, -r | --authorize-mxes-for >+- --trusted | --tfwl >+- >+-=back >+- >+-=back >+- >+-=head1 SEE ALSO >+- >+-L<Mail::SPF>, L<spfd(8)> >+- >+-L<http://www.ietf.org/rfc/rfc4408.txt> >+- >+-=head1 AUTHORS >+- >+-This version of B<spfquery> is a complete rewrite by Julian Mehnle >+-<julian@mehnle.net>, based on an earlier version written by Meng Weng Wong >+-<mengwong+spf@pobox.com> and Wayne Schlitt <wayne@schlitt.net>. >+- >+-=cut >+- >+-our $VERSION = '2.501'; >+- >+-use warnings; >+-use strict; >+- >+-use IO::File; >+-use Getopt::Long qw(:config gnu_compat no_ignore_case); >+-use Error ':try'; >+-use Mail::SPF; >+- >+-use constant TRUE => (0 == 0); >+-use constant FALSE => not TRUE; >+- >+-use constant exit_codes_by_result_code => { >+- pass => 0, >+- fail => 1, >+- softfail => 2, >+- neutral => 3, >+- permerror => 4, >+- temperror => 5, >+- none => 6 >+-}; >+- >+-# Helper Functions >+-############################################################################## >+- >+-sub usage { >+- STDERR->printf(<<'EOT'); >+-Preferred Usage: >+- spfquery [--versions|-v 1|2|1,2] [--scope|-s helo|mfrom|pra] >+- --identity|--id <identity> --ip-address|--ip <ip-address> >+- [--helo-identity|--helo-id <helo-identity>] [OPTIONS] >+- spfquery [--versions|-v 1|2|1,2] [--scope|-s helo|mfrom|pra] >+- --file|-f <filename>|- [OPTIONS] >+- >+-Legacy Usage: >+- spfquery --helo <helo-identity> --ip-address|--ip <ip-address> [OPTIONS] >+- spfquery --mfrom <mfrom-identity> --ip-address|--ip <ip-address> >+- [--helo <helo-identity>] [OPTIONS] >+- spfquery --pra <pra-identity> --ip-address|--ip <ip-address> [OPTIONS] >+- >+-Other Usage: >+- spfquery --version|-V >+- >+-See `spfquery --help` for more information. >+-EOT >+- return; >+-} >+- >+-sub help { >+- print(<<'EOT'); >+-Preferred Usage: >+- spfquery [--versions|-v 1|2|1,2] [--scope|-s helo|mfrom|pra] >+- --identity|--id <identity> --ip-address|--ip <ip-address> >+- [--helo-identity|--helo-id <helo-identity>] [OPTIONS] >+- spfquery [--versions|-v 1|2|1,2] [--scope|-s helo|mfrom|pra] >+- --file|-f <filename>|- [OPTIONS] >+- >+-Legacy Usage: >+- spfquery --helo <helo-identity> --ip-address|--ip <ip-address> [OPTIONS] >+- spfquery --mfrom <mfrom-identity> --ip-address|--ip <ip-address> >+- [--helo <helo-identity>] [OPTIONS] >+- spfquery --pra <pra-identity> --ip-address|--ip <ip-address> [OPTIONS] >+- >+-Other Usage: >+- spfquery --version|-V >+- >+-spfquery performs SPF checks based on the command-line arguments or data given >+-in a file or on standard input. >+- >+-Only the preferred and other usage forms are explained here. See the >+-spfquery(1) man-page for an explanation of the legacy usage forms. >+- >+-The "--identity" form checks if the given <ip-address> is an authorized SMTP >+-sender for the given "helo" hostname, "mfrom" envelope sender e-mail address, >+-or "pra" (purported resonsible address) e-mail address, depending on the value >+-of the "--scope" option (which defaults to "mfrom" if omitted). >+- >+-The "--file" form reads "<ip-address> <identity> [<helo-identity>]" tuples from >+-the file with the specified <filename>, or from standard input if <filename> is >+-"-", and checks them against the specified scope ("mfrom" by default). >+- >+-The "--version" form prints version information of spfquery. >+- >+-Valid OPTIONS (and their defaults) are: >+- --default-explanation <string> >+- Default explanation string to use (sensible default). >+- --hostname <hostname> >+- The name of the system doing the SPF checking (local >+- system's configured hostname). >+- --keep-comments Print comments found when reading from a file. >+- --no-sanitize Do not clean up invalid characters in output. >+- --debug Output debugging information. >+- >+-Black-magic OPTIONS are: >+- --max-dns-interactive-terms <n> >+- Maximum number of DNS-interactive mechanisms and >+- modifiers (10). >+- --max-name-lookups-per-term <n> >+- Maximum number of DNS name look-ups per mechanism or >+- modifier (10). >+- --authorize-mxes-for <email-address>|<domain>,... >+- A comma-separated list of e-mail addresses and domains >+- whose MXes will be considered inherently authorized. >+- --tfwl Check trusted-forwarder.org white-list. >+- --guess <spf-terms> Default checks if no SPF record is found. >+- --local <spf-terms> Local policy to process before default result. >+- --override <domain>=<spf-record> >+- --fallback <domain>=<spf-record> >+- Set override and fallback SPF records for domains. >+- >+-Examples: >+- spfquery --scope mfrom --id user@example.com --ip 1.2.3.4 >+- spfquery --file test_data >+- echo "127.0.0.1 user@example.com helohost.example.com" | spfquery -f - >+-EOT >+- return; >+-} >+- >+-sub deprecated_option { >+- my ($old_option, $new_option, $options) = @_; >+- return FALSE if not exists($options->{$old_option}); >+- STDERR->print( >+- "Warning: '$old_option' option is deprecated" . >+- ($new_option ? "; use '$new_option' instead" : '') . >+- ".\n" >+- ); >+- $options->{$new_option} = delete($options->{$old_option}); >+- return TRUE; >+-} >+- >+-sub unsupported_option { >+- my ($option_name, $options) = @_; >+- return FALSE if not exists($options->{$option_name}); >+- STDERR->print("Error: '$option_name' option is no longer supported.\n"); >+- return TRUE; >+-} >+- >+-sub black_magic_option { >+- my ($option_name, $options) = @_; >+- return FALSE if not exists($options->{$option_name}); >+- STDERR->print("Error: '$option_name' option is black magic! Do not use it!\n"); >+- return TRUE; >+-} >+- >+-# Command-line Option Handling >+-############################################################################## >+- >+-my $options = {}; >+-my $getopt_result = GetOptions( >+- $options, >+- >+- 'file|f=s', >+- >+- 'versions|v=s', >+- 'scope=s', >+- 's=s', # Special handling for ambiguous 's' option (formerly a synonym >+- # for 'sender', now preferredly a synonym for 'scope'). >+- 'identity|id=s', >+- 'ip-address|ip=s', >+- 'helo-identity|helo-id=s', >+- >+- # Legacy/shortcut options: >+- 'mfrom|mail-from|m=s', >+- 'helo|h=s', >+- >+- 'default-explanation|def-exp=s', >+- 'hostname=s', >+- >+- 'keep-comments!', >+- 'debug!', # TODO Implement! >+- 'sanitize!', # TODO Implement! >+- >+- # Black Magic options: >+- 'enable-black-magic!', >+- 'max-dns-interactive-terms=i', >+- 'max-name-lookups-per-term=i', >+- 'authorize-mxes-for=s', >+- # TODO implement! >+- 'tfwl!', # TODO Implement! >+- 'guess=s', # TODO Implement! >+- 'local=s', # TODO Implement! >+- 'override=s%', # TODO Implement! >+- 'fallback=s%', # TODO Implement! >+- >+- # Meta actions: >+- 'version|V!', >+- 'help!', >+- >+- # Deprecated options: >+- 'sender=s', # Now 'scope'/'identity' or 'mfrom' >+- 'ipv4=s', # Now 'ip-address' >+- 'i=s', # Now 'ip-address' >+- 'name=s', # Now 'hostname' >+- 'max-lookup-count=i', >+- 'max-lookup=i', # Now 'max-dns-interactive-terms' >+- 'rcpt-to=s', # Now 'authorize-mxes-for' >+- 'r=s', # Now 'authorize-mxes-for' >+- 'trusted!' # Now 'tfwl' >+-); >+- >+-if (not $getopt_result) { >+- usage(); >+- exit(255); >+-} >+- >+-if ($options->{help}) { >+- help(); >+- exit(0); >+-} >+- >+-if ($options->{version}) { >+- print("spfquery version $VERSION (using Mail::SPF)\n"); >+- exit(0); >+-} >+- >+-deprecated_option('sender', 'mfrom', $options); >+-deprecated_option('ipv4', 'ip-address', $options); >+-deprecated_option('i', 'ip-address', $options); >+-deprecated_option('name', 'hostname', $options); >+-deprecated_option('max-lookup-count', 'max-dns-interactive-terms', $options); >+-deprecated_option('max-lookup', 'max-dns-interactive-terms', $options); >+-deprecated_option('rcpt-to', 'authorize-mxes-for', $options); >+-deprecated_option('r', 'authorize-mxes-for', $options); >+-deprecated_option('trusted', 'tfwl', $options); >+- >+-if ($options->{'enable-black-magic'}) { >+- if (not defined(eval('require Mail::SPF::BlackMagic'))) { >+- STDERR->print("Error: Cannot enable black magic. Unable to load Mail::SPF::BlackMagic.\n"); >+- exit(255); >+- } >+- # else: Black magic enabled! >+-} >+-elsif ( >+- black_magic_option('max-dns-interactive-terms', $options) or >+- black_magic_option('max-name-lookups-per-term', $options) or >+- black_magic_option('rcpt-to', $options) or >+- black_magic_option('trusted', $options) or >+- black_magic_option('guess', $options) or >+- black_magic_option('local', $options) or >+- black_magic_option('override', $options) or >+- black_magic_option('fallback', $options) >+-) { >+- exit(255); >+-} >+- >+-my @versions = split(',', $options->{versions} || ''); >+-my $scope = $options->{scope}; >+-my $identity = $options->{identity}; >+-my $ip_address = $options->{'ip-address'}; >+-my $helo_identity = $options->{'helo-identity'}; >+- >+-# Heuristic for distinguishing between 's(cope)' and 's(ender)': >+-if (defined(my $s = $options->{s})) { >+- if ( >+- not defined($scope) and # No explicit 'scope' option has been specified, and >+- $s !~ /[@.]/ # 's' option contains neither an '@' nor a dot, >+- # so it cannot be an e-mail address or a domain. >+- ) { >+- # Thus it must be meant as the 'scope' option: >+- $scope = $s; >+- } >+- else { >+- # Else, it must be meant as the deprecated 'sender' option: >+- $options->{mfrom} = $s; >+- } >+-} >+- >+-# Heuristic for when explicit 'scope'/'s(cope)' option is absent: >+-if (not defined($scope)) { >+- if (defined($identity) or defined($options->{file})) { >+- # Identity has been specified, or input will be read from file: >+- # apply the 'scope' option default: >+- $scope = 'mfrom'; >+- } >+- elsif (defined($options->{helo})) { >+- $scope = 'helo'; >+- $identity = $options->{helo}; >+- } >+- elsif (defined($options->{mfrom})) { >+- $scope = 'mfrom'; >+- $identity = $options->{mfrom}; >+- $helo_identity ||= $options->{helo}; >+- } >+- elsif (defined($options->{pra})) { >+- $scope = 'pra'; >+- $identity = $options->{pra}; >+- } >+-} >+- >+-my $default_explanation = $options->{'default-explanation'}; >+-my $hostname = $options->{hostname}; >+- >+-if ( >+- not defined($scope) or >+- not (defined($identity) xor defined($options->{file})) >+-) { >+- usage(); >+- exit(255); >+-} >+- >+-if (defined($identity) and $identity eq '') { >+- STDERR->print("Error: Empty identities are not supported. See spfquery(1).\n"); >+- exit(255); >+-} >+- >+-# Process the SPF Request(s) >+-############################################################################## >+- >+-try { >+- my $spf_server = Mail::SPF::Server->new( >+- default_authority_explanation >+- => $default_explanation, >+- hostname => $hostname, >+- # debug => $options->{debug}, >+- # sanitize => $options->{sanitize}, >+- >+- # Black Magic: >+- ( >+- exists($options->{'max-dns-interactive-terms'}) ? >+- (max_dns_interactive_terms => $options->{'max-dns-interactive-terms'} || undef) >+- : () >+- ), >+- ( >+- exists($options->{'max-name-lookups-per-term'}) ? >+- (max_name_lookups_per_term => $options->{'max-name-lookups-per-term'} || undef) >+- : () >+- ) >+- # rcpt_to => $options->{'rcpt-to'}, >+- # trusted => $options->{trusted}, >+- # guess => $options->{guess}, >+- # local => $options->{local}, >+- # override => $options->{override}, >+- # fallback => $options->{fallback}, >+- ); >+- >+- my $exit_code; >+- >+- if (not defined($options->{file})) { >+- # Single request: >+- my $result_code = do_process( >+- $spf_server, >+- versions => @versions ? [@versions] : undef, >+- scope => $scope, >+- identity => $identity, >+- ip_address => $ip_address, >+- helo_identity => $helo_identity >+- ); >+- $exit_code = exit_codes_by_result_code->{$result_code}; >+- } >+- else { >+- # File request: >+- my $file = $options->{file} eq '-' ? \*STDIN : IO::File->new($options->{file}) >+- or die("Could not open: $options->{file}\n"); >+- while (<$file>) { >+- chomp; >+- s/^\s*//; >+- next if /^$/; >+- if (/^#/) { >+- print("$_\n") if $options->{'keep-comments'}; >+- next; >+- } >+- ($ip_address, $identity, $helo_identity) = split; >+- my $result_code = do_process( >+- $spf_server, >+- versions => @versions ? [@versions] : undef, >+- scope => $scope, >+- identity => $identity, >+- ip_address => $ip_address, >+- helo_identity => $helo_identity >+- ); >+- $exit_code ||= exit_codes_by_result_code->{$result_code}; >+- } >+- } >+- >+- exit($exit_code); >+-} >+-catch Mail::SPF::Exception with { >+- my ($e) = @_; >+- STDERR->printf("Error: %s.\n", $e->text); >+- exit(255); >+-}; >+- >+- >+-# Helper Function >+-############################################################################## >+- >+-sub do_process { >+- my ($spf_server, %request_options) = @_; >+- my $request = Mail::SPF::Request->new(%request_options); >+- my $result = $spf_server->process($request); >+- printf( >+- "%s\n%s\n%s\n%s\n", >+- $result->code, >+- ( >+- $result->can('authority_explanation') ? >+- $result->authority_explanation >+- : $result->local_explanation >+- ), >+- $result->local_explanation, >+- $result->received_spf_header >+- ); >+- return $result->code; >+-} >+diff -Naur orig/bin/spfquery.pl bin/spfquery.pl >+--- orig/bin/spfquery.pl 1970-01-01 01:00:00.000000000 +0100 >++++ bin/spfquery.pl 2009-10-31 23:16:14.000000000 +0100 >+@@ -0,0 +1,731 @@ >++#!/usr/bin/perl >++ >++# >++# spfquery: Command-line tool for performing SPF queries >++# >++# (C) 2005-2008 Julian Mehnle <julian@mehnle.net> >++# 2004 Wayne Schlitt <wayne@schlitt.net> >++# $Id: spfquery 138 2006-01-22 18:00:34Z julian $ >++# >++############################################################################## >++ >++=head1 NAME >++ >++spfquery - (Mail::SPF) - Checks if a given set of e-mail parameters matches a >++domain's SPF policy >++ >++=head1 VERSION >++ >++2.501 >++ >++=head1 SYNOPSIS >++ >++=over >++ >++=item B<Preferred usage:> >++ >++B<spfquery> [B<--versions>|B<-v> B<1>|B<2>|B<1,2>] [B<--scope>|B<-s> B<helo>|B<mfrom>|B<pra>] >++B<--identity>|B<--id> I<identity> B<--ip-address>|B<--ip> I<ip-address> >++[B<--helo-identity>|B<--helo-id> I<helo-identity>] [I<OPTIONS>] >++ >++B<spfquery> [B<--versions>|B<-v> B<1>|B<2>|B<1,2>] [B<--scope>|B<-s> B<helo>|B<mfrom>|B<pra>] >++B<--file>|B<-f> I<filename>|B<-> [I<OPTIONS>] >++ >++=item B<Legacy usage:> >++ >++B<spfquery> B<--helo> I<helo-identity> B<--ip-address>|B<--ip> I<ip-address> [I<OPTIONS>] >++ >++B<spfquery> B<--mfrom> I<mfrom-identity> B<--ip-address>|B<--ip> I<ip-address> >++[B<--helo> I<helo-identity>] [I<OPTIONS>] >++ >++B<spfquery> B<--pra> I<pra-identity> B<--ip-address>|B<--ip> I<ip-address> [I<OPTIONS>] >++ >++=item B<Other usage:> >++ >++B<spfquery> B<--version>|B<-V> >++ >++B<spfquery> B<--help> >++ >++=back >++ >++=head1 DESCRIPTION >++ >++B<spfquery> checks if a given set of e-mail parameters (e.g., the SMTP sender's >++IP address) matches the responsible domain's Sender Policy Framework (SPF) >++policy. For more information on SPF see L<http://www.openspf.org>. >++ >++=head2 Preferred Usage >++ >++The following usage forms are preferred over the L<legacy forms|/Legacy usage> >++used by older B<spfquery> versions: >++ >++The B<--identity> form checks if the given I<ip-address> is an authorized SMTP >++sender for the given C<helo> hostname, C<mfrom> envelope sender e-mail address, >++or C<pra> (so-called purported resonsible address) e-mail address, depending >++on the value of the B<--scope> option (which defaults to B<mfrom> if omitted). >++ >++The B<--file> form reads "I<ip-address> I<identity> [I<helo-identity>]" tuples >++from the file with the specified I<filename>, or from standard input if >++I<filename> is B<->, and checks them against the specified scope (B<mfrom> by >++default). >++ >++Both forms support an optional B<--versions> option, which specifies a >++comma-separated list of the SPF version numbers of SPF records that may be >++used. B<1> means that C<v=spf1> records should be used. B<2> means that >++C<spf2.0> records should be used. Defaults to B<1,2>, i.e., uses any SPF >++records that are available. Records of a higher version are preferred. >++ >++=head2 Legacy Usage >++ >++B<spfquery> versions before 2.500 featured the following usage forms, which are >++discouraged but still supported for L<backwards compatibility|/COMPATIBILITY>: >++ >++The B<--helo> form checks if the given I<ip-address> is an authorized SMTP >++sender for the C<HELO> hostname given as the I<identity> (so-called C<HELO> >++check). >++ >++The B<--mfrom> form checks if the given I<ip-address> is an authorized SMTP >++sender for the envelope sender email-address (or domain) given as the >++I<identity> (so-called C<MAIL FROM> check). If a domain is given instead of an >++e-mail address, C<postmaster> will be substituted for the localpart. >++ >++The B<--pra> form checks if the given I<ip-address> is an authorized SMTP >++sender for the PRA (Purported Responsible Address) e-mail address given as the >++identity. >++ >++=head2 Other Usage >++ >++The B<--version> form prints version information of spfquery. The B<--help> >++form prints usage information for spfquery. >++ >++=head1 OPTIONS >++ >++=head2 Standard Options >++ >++The preferred and legacy forms optionally take any of the following >++I<OPTIONS>: >++ >++=over >++ >++=item B<--default-explanation> I<string> >++ >++=item B<--def-exp> I<string> >++ >++Use the specified I<string> as the default explanation if the authority domain >++does not specify an explanation string of its own. >++ >++=item B<--hostname> I<hostname> >++ >++Use I<hostname> as the host name of the local system instead of auto-detecting >++it. >++ >++=item B<--keep-comments> >++ >++=item B<--no-keep-comments> >++ >++Do (not) print any comments found when reading from a file or from standard >++input. >++ >++=item B<--sanitize> (currently ignored) >++ >++=item B<--no-sanitize> (currently ignored) >++ >++Do (not) sanitize the output by condensing consecutive white-space into a >++single space and replacing non-printable characters with question marks. >++Enabled by default. >++ >++=item B<--debug> (currently ignored) >++ >++Print out debug information. >++ >++=back >++ >++=head2 Black Magic Options >++ >++Several options that were supported by earlier versions of B<spfquery> are >++considered black magic (i.e. potentially dangerous for the innocent user) and >++are thus disabled by default. If the L<B<Mail::SPF::BlackMagic>> Perl module >++is installed, they may be enabled by specifying B<--enable-black-magic>. >++ >++=over >++ >++=item B<--max-dns-interactive-terms> I<n> >++ >++Evaluate a maximum of I<n> DNS-interactive mechanisms and modifiers per SPF >++check. Defaults to B<10>. Do I<not> override the default unless you know what >++you are doing! >++ >++=item B<--max-name-lookups-per-term> I<n> >++ >++Perform a maximum of I<n> DNS name look-ups per mechanism or modifier. >++Defaults to B<10>. Do I<not> override the default unless you know what you are >++doing! >++ >++=item B<--authorize-mxes-for> I<email-address>|I<domain>B<,>... >++ >++Consider all the MXes of the comma-separated list of I<email-address>es and >++I<domain>s as inherently authorized. >++ >++=item B<--tfwl> >++ >++Perform C<trusted-forwarder.org> accreditation checking. >++ >++=item B<--guess> I<spf-terms> >++ >++Use I<spf-terms> as a default record if no SPF record is found. >++ >++=item B<--local> I<spf-terms> >++ >++Process I<spf-terms> as local policy before resorting to a default result >++(the implicit or explicit C<all> mechanism at the end of the domain's SPF >++record). For example, this could be used for white-listing one's secondary >++MXes: C<mx:mydomain.example.org>. >++ >++=item B<--override> I<domain>B<=>I<spf-record> >++ >++=item B<--fallback> I<domain>B<=>I<spf-record> >++ >++Set overrides and fallbacks. Each option can be specified multiple times. For >++example: >++ >++ --override example.org='v=spf1 -all' >++ --override '*.example.net'='v=spf1 a mx -all' >++ --fallback example.com='v=spf1 -all' >++ >++=back >++ >++=head1 RESULT CODES >++ >++=over 12 >++ >++=item B<pass> >++ >++The specified IP address is an authorized SMTP sender for the identity. >++ >++=item B<fail> >++ >++The specified IP address is not an authorized SMTP sender for the identity. >++ >++=item B<softfail> >++ >++The specified IP address is not an authorized SMTP sender for the identity, >++however the authority domain is still testing out its SPF policy. >++ >++=item B<neutral> >++ >++The identity's authority domain makes no assertion about the status of the IP >++address. >++ >++=item B<permerror> >++ >++A permanent error occurred while evaluating the authority domain's policy >++(e.g., a syntax error in the SPF record). Manual intervention is required >++from the authority domain. >++ >++=item B<temperror> >++ >++A temporary error occurred while evaluating the authority domain's policy >++(e.g., a DNS error). Try again later. >++ >++=item B<none> >++ >++There is no applicable SPF policy for the identity domain. >++ >++=back >++ >++=head1 EXIT CODES >++ >++ Result | Exit code >++ -----------+----------- >++ pass | 0 >++ fail | 1 >++ softfail | 2 >++ neutral | 3 >++ permerror | 4 >++ temperror | 5 >++ none | 6 >++ >++=head1 EXAMPLES >++ >++ spfquery --scope mfrom --id user@example.com --ip 1.2.3.4 >++ spfquery --file test_data >++ echo "127.0.0.1 user@example.com helohost.example.com" | spfquery -f - >++ >++=head1 COMPATIBILITY >++ >++B<spfquery> has undergone the following interface changes compared to earlier >++versions: >++ >++=over >++ >++=item B<2.500> >++ >++=over >++ >++=item * >++ >++A new preferred usage style for performing individual SPF checks has been >++introduced. The new style accepts a unified B<--identity> option and an >++optional B<--scope> option that specifies the type (scope) of the identity. In >++contrast, the legacy usage style requires a separate usage form for every >++supported scope. See L</Preferred usage> and L</Legacy usage> for details. >++ >++=item * >++ >++The former C<unknown> and C<error> result codes have been renamed to C<permerror> >++and C<temperror>, respectively, in order to comply with RFC 4408 terminology. >++ >++=item * >++ >++SPF checks with an empty identity are no longer supported. In the case of an >++empty C<MAIL FROM> SMTP transaction parameter, perform a check with the C<helo> >++scope directly. >++ >++=item * >++ >++The B<--debug> and B<--(no-)sanitize> options are currently ignored by this >++version of B<spfquery>. They will again be supported in the future. >++ >++=item * >++ >++Several features that were supported by earlier versions of B<spfquery> are >++considered black magic and thus are now disabled by default. See L</Black >++Magic Options>. >++ >++=item * >++ >++Several option names have been deprecated. This is a list of them and their >++preferred synonyms: >++ >++ Deprecated options | Preferred options >++ ---------------------+----------------------------- >++ --sender, -s | --mfrom >++ --ipv4, -i | --ip-address, --ip >++ --name | --hostname >++ --max-lookup-count, | --max-dns-interactive-terms >++ --max-lookup | >++ --rcpt-to, -r | --authorize-mxes-for >++ --trusted | --tfwl >++ >++=back >++ >++=back >++ >++=head1 SEE ALSO >++ >++L<Mail::SPF>, L<spfd(8)> >++ >++L<http://www.ietf.org/rfc/rfc4408.txt> >++ >++=head1 AUTHORS >++ >++This version of B<spfquery> is a complete rewrite by Julian Mehnle >++<julian@mehnle.net>, based on an earlier version written by Meng Weng Wong >++<mengwong+spf@pobox.com> and Wayne Schlitt <wayne@schlitt.net>. >++ >++=cut >++ >++our $VERSION = '2.501'; >++ >++use warnings; >++use strict; >++ >++use IO::File; >++use Getopt::Long qw(:config gnu_compat no_ignore_case); >++use Error ':try'; >++use Mail::SPF; >++ >++use constant TRUE => (0 == 0); >++use constant FALSE => not TRUE; >++ >++use constant exit_codes_by_result_code => { >++ pass => 0, >++ fail => 1, >++ softfail => 2, >++ neutral => 3, >++ permerror => 4, >++ temperror => 5, >++ none => 6 >++}; >++ >++# Helper Functions >++############################################################################## >++ >++sub usage { >++ STDERR->printf(<<'EOT'); >++Preferred Usage: >++ spfquery [--versions|-v 1|2|1,2] [--scope|-s helo|mfrom|pra] >++ --identity|--id <identity> --ip-address|--ip <ip-address> >++ [--helo-identity|--helo-id <helo-identity>] [OPTIONS] >++ spfquery [--versions|-v 1|2|1,2] [--scope|-s helo|mfrom|pra] >++ --file|-f <filename>|- [OPTIONS] >++ >++Legacy Usage: >++ spfquery --helo <helo-identity> --ip-address|--ip <ip-address> [OPTIONS] >++ spfquery --mfrom <mfrom-identity> --ip-address|--ip <ip-address> >++ [--helo <helo-identity>] [OPTIONS] >++ spfquery --pra <pra-identity> --ip-address|--ip <ip-address> [OPTIONS] >++ >++Other Usage: >++ spfquery --version|-V >++ >++See `spfquery --help` for more information. >++EOT >++ return; >++} >++ >++sub help { >++ print(<<'EOT'); >++Preferred Usage: >++ spfquery [--versions|-v 1|2|1,2] [--scope|-s helo|mfrom|pra] >++ --identity|--id <identity> --ip-address|--ip <ip-address> >++ [--helo-identity|--helo-id <helo-identity>] [OPTIONS] >++ spfquery [--versions|-v 1|2|1,2] [--scope|-s helo|mfrom|pra] >++ --file|-f <filename>|- [OPTIONS] >++ >++Legacy Usage: >++ spfquery --helo <helo-identity> --ip-address|--ip <ip-address> [OPTIONS] >++ spfquery --mfrom <mfrom-identity> --ip-address|--ip <ip-address> >++ [--helo <helo-identity>] [OPTIONS] >++ spfquery --pra <pra-identity> --ip-address|--ip <ip-address> [OPTIONS] >++ >++Other Usage: >++ spfquery --version|-V >++ >++spfquery performs SPF checks based on the command-line arguments or data given >++in a file or on standard input. >++ >++Only the preferred and other usage forms are explained here. See the >++spfquery(1) man-page for an explanation of the legacy usage forms. >++ >++The "--identity" form checks if the given <ip-address> is an authorized SMTP >++sender for the given "helo" hostname, "mfrom" envelope sender e-mail address, >++or "pra" (purported resonsible address) e-mail address, depending on the value >++of the "--scope" option (which defaults to "mfrom" if omitted). >++ >++The "--file" form reads "<ip-address> <identity> [<helo-identity>]" tuples from >++the file with the specified <filename>, or from standard input if <filename> is >++"-", and checks them against the specified scope ("mfrom" by default). >++ >++The "--version" form prints version information of spfquery. >++ >++Valid OPTIONS (and their defaults) are: >++ --default-explanation <string> >++ Default explanation string to use (sensible default). >++ --hostname <hostname> >++ The name of the system doing the SPF checking (local >++ system's configured hostname). >++ --keep-comments Print comments found when reading from a file. >++ --no-sanitize Do not clean up invalid characters in output. >++ --debug Output debugging information. >++ >++Black-magic OPTIONS are: >++ --max-dns-interactive-terms <n> >++ Maximum number of DNS-interactive mechanisms and >++ modifiers (10). >++ --max-name-lookups-per-term <n> >++ Maximum number of DNS name look-ups per mechanism or >++ modifier (10). >++ --authorize-mxes-for <email-address>|<domain>,... >++ A comma-separated list of e-mail addresses and domains >++ whose MXes will be considered inherently authorized. >++ --tfwl Check trusted-forwarder.org white-list. >++ --guess <spf-terms> Default checks if no SPF record is found. >++ --local <spf-terms> Local policy to process before default result. >++ --override <domain>=<spf-record> >++ --fallback <domain>=<spf-record> >++ Set override and fallback SPF records for domains. >++ >++Examples: >++ spfquery --scope mfrom --id user@example.com --ip 1.2.3.4 >++ spfquery --file test_data >++ echo "127.0.0.1 user@example.com helohost.example.com" | spfquery -f - >++EOT >++ return; >++} >++ >++sub deprecated_option { >++ my ($old_option, $new_option, $options) = @_; >++ return FALSE if not exists($options->{$old_option}); >++ STDERR->print( >++ "Warning: '$old_option' option is deprecated" . >++ ($new_option ? "; use '$new_option' instead" : '') . >++ ".\n" >++ ); >++ $options->{$new_option} = delete($options->{$old_option}); >++ return TRUE; >++} >++ >++sub unsupported_option { >++ my ($option_name, $options) = @_; >++ return FALSE if not exists($options->{$option_name}); >++ STDERR->print("Error: '$option_name' option is no longer supported.\n"); >++ return TRUE; >++} >++ >++sub black_magic_option { >++ my ($option_name, $options) = @_; >++ return FALSE if not exists($options->{$option_name}); >++ STDERR->print("Error: '$option_name' option is black magic! Do not use it!\n"); >++ return TRUE; >++} >++ >++# Command-line Option Handling >++############################################################################## >++ >++my $options = {}; >++my $getopt_result = GetOptions( >++ $options, >++ >++ 'file|f=s', >++ >++ 'versions|v=s', >++ 'scope=s', >++ 's=s', # Special handling for ambiguous 's' option (formerly a synonym >++ # for 'sender', now preferredly a synonym for 'scope'). >++ 'identity|id=s', >++ 'ip-address|ip=s', >++ 'helo-identity|helo-id=s', >++ >++ # Legacy/shortcut options: >++ 'mfrom|mail-from|m=s', >++ 'helo|h=s', >++ >++ 'default-explanation|def-exp=s', >++ 'hostname=s', >++ >++ 'keep-comments!', >++ 'debug!', # TODO Implement! >++ 'sanitize!', # TODO Implement! >++ >++ # Black Magic options: >++ 'enable-black-magic!', >++ 'max-dns-interactive-terms=i', >++ 'max-name-lookups-per-term=i', >++ 'authorize-mxes-for=s', >++ # TODO implement! >++ 'tfwl!', # TODO Implement! >++ 'guess=s', # TODO Implement! >++ 'local=s', # TODO Implement! >++ 'override=s%', # TODO Implement! >++ 'fallback=s%', # TODO Implement! >++ >++ # Meta actions: >++ 'version|V!', >++ 'help!', >++ >++ # Deprecated options: >++ 'sender=s', # Now 'scope'/'identity' or 'mfrom' >++ 'ipv4=s', # Now 'ip-address' >++ 'i=s', # Now 'ip-address' >++ 'name=s', # Now 'hostname' >++ 'max-lookup-count=i', >++ 'max-lookup=i', # Now 'max-dns-interactive-terms' >++ 'rcpt-to=s', # Now 'authorize-mxes-for' >++ 'r=s', # Now 'authorize-mxes-for' >++ 'trusted!' # Now 'tfwl' >++); >++ >++if (not $getopt_result) { >++ usage(); >++ exit(255); >++} >++ >++if ($options->{help}) { >++ help(); >++ exit(0); >++} >++ >++if ($options->{version}) { >++ print("spfquery version $VERSION (using Mail::SPF)\n"); >++ exit(0); >++} >++ >++deprecated_option('sender', 'mfrom', $options); >++deprecated_option('ipv4', 'ip-address', $options); >++deprecated_option('i', 'ip-address', $options); >++deprecated_option('name', 'hostname', $options); >++deprecated_option('max-lookup-count', 'max-dns-interactive-terms', $options); >++deprecated_option('max-lookup', 'max-dns-interactive-terms', $options); >++deprecated_option('rcpt-to', 'authorize-mxes-for', $options); >++deprecated_option('r', 'authorize-mxes-for', $options); >++deprecated_option('trusted', 'tfwl', $options); >++ >++if ($options->{'enable-black-magic'}) { >++ if (not defined(eval('require Mail::SPF::BlackMagic'))) { >++ STDERR->print("Error: Cannot enable black magic. Unable to load Mail::SPF::BlackMagic.\n"); >++ exit(255); >++ } >++ # else: Black magic enabled! >++} >++elsif ( >++ black_magic_option('max-dns-interactive-terms', $options) or >++ black_magic_option('max-name-lookups-per-term', $options) or >++ black_magic_option('rcpt-to', $options) or >++ black_magic_option('trusted', $options) or >++ black_magic_option('guess', $options) or >++ black_magic_option('local', $options) or >++ black_magic_option('override', $options) or >++ black_magic_option('fallback', $options) >++) { >++ exit(255); >++} >++ >++my @versions = split(',', $options->{versions} || ''); >++my $scope = $options->{scope}; >++my $identity = $options->{identity}; >++my $ip_address = $options->{'ip-address'}; >++my $helo_identity = $options->{'helo-identity'}; >++ >++# Heuristic for distinguishing between 's(cope)' and 's(ender)': >++if (defined(my $s = $options->{s})) { >++ if ( >++ not defined($scope) and # No explicit 'scope' option has been specified, and >++ $s !~ /[@.]/ # 's' option contains neither an '@' nor a dot, >++ # so it cannot be an e-mail address or a domain. >++ ) { >++ # Thus it must be meant as the 'scope' option: >++ $scope = $s; >++ } >++ else { >++ # Else, it must be meant as the deprecated 'sender' option: >++ $options->{mfrom} = $s; >++ } >++} >++ >++# Heuristic for when explicit 'scope'/'s(cope)' option is absent: >++if (not defined($scope)) { >++ if (defined($identity) or defined($options->{file})) { >++ # Identity has been specified, or input will be read from file: >++ # apply the 'scope' option default: >++ $scope = 'mfrom'; >++ } >++ elsif (defined($options->{helo})) { >++ $scope = 'helo'; >++ $identity = $options->{helo}; >++ } >++ elsif (defined($options->{mfrom})) { >++ $scope = 'mfrom'; >++ $identity = $options->{mfrom}; >++ $helo_identity ||= $options->{helo}; >++ } >++ elsif (defined($options->{pra})) { >++ $scope = 'pra'; >++ $identity = $options->{pra}; >++ } >++} >++ >++my $default_explanation = $options->{'default-explanation'}; >++my $hostname = $options->{hostname}; >++ >++if ( >++ not defined($scope) or >++ not (defined($identity) xor defined($options->{file})) >++) { >++ usage(); >++ exit(255); >++} >++ >++if (defined($identity) and $identity eq '') { >++ STDERR->print("Error: Empty identities are not supported. See spfquery(1).\n"); >++ exit(255); >++} >++ >++# Process the SPF Request(s) >++############################################################################## >++ >++try { >++ my $spf_server = Mail::SPF::Server->new( >++ default_authority_explanation >++ => $default_explanation, >++ hostname => $hostname, >++ # debug => $options->{debug}, >++ # sanitize => $options->{sanitize}, >++ >++ # Black Magic: >++ ( >++ exists($options->{'max-dns-interactive-terms'}) ? >++ (max_dns_interactive_terms => $options->{'max-dns-interactive-terms'} || undef) >++ : () >++ ), >++ ( >++ exists($options->{'max-name-lookups-per-term'}) ? >++ (max_name_lookups_per_term => $options->{'max-name-lookups-per-term'} || undef) >++ : () >++ ) >++ # rcpt_to => $options->{'rcpt-to'}, >++ # trusted => $options->{trusted}, >++ # guess => $options->{guess}, >++ # local => $options->{local}, >++ # override => $options->{override}, >++ # fallback => $options->{fallback}, >++ ); >++ >++ my $exit_code; >++ >++ if (not defined($options->{file})) { >++ # Single request: >++ my $result_code = do_process( >++ $spf_server, >++ versions => @versions ? [@versions] : undef, >++ scope => $scope, >++ identity => $identity, >++ ip_address => $ip_address, >++ helo_identity => $helo_identity >++ ); >++ $exit_code = exit_codes_by_result_code->{$result_code}; >++ } >++ else { >++ # File request: >++ my $file = $options->{file} eq '-' ? \*STDIN : IO::File->new($options->{file}) >++ or die("Could not open: $options->{file}\n"); >++ while (<$file>) { >++ chomp; >++ s/^\s*//; >++ next if /^$/; >++ if (/^#/) { >++ print("$_\n") if $options->{'keep-comments'}; >++ next; >++ } >++ ($ip_address, $identity, $helo_identity) = split; >++ my $result_code = do_process( >++ $spf_server, >++ versions => @versions ? [@versions] : undef, >++ scope => $scope, >++ identity => $identity, >++ ip_address => $ip_address, >++ helo_identity => $helo_identity >++ ); >++ $exit_code ||= exit_codes_by_result_code->{$result_code}; >++ } >++ } >++ >++ exit($exit_code); >++} >++catch Mail::SPF::Exception with { >++ my ($e) = @_; >++ STDERR->printf("Error: %s.\n", $e->text); >++ exit(255); >++}; >++ >++ >++# Helper Function >++############################################################################## >++ >++sub do_process { >++ my ($spf_server, %request_options) = @_; >++ my $request = Mail::SPF::Request->new(%request_options); >++ my $result = $spf_server->process($request); >++ printf( >++ "%s\n%s\n%s\n%s\n", >++ $result->code, >++ ( >++ $result->can('authority_explanation') ? >++ $result->authority_explanation >++ : $result->local_explanation >++ ), >++ $result->local_explanation, >++ $result->received_spf_header >++ ); >++ return $result->code; >++} >diff -Naur p5-Mail-SPF.dist/pkg-plist p5-Mail-SPF/pkg-plist >--- p5-Mail-SPF.dist/pkg-plist 2008-02-22 22:40:33.000000000 +0100 >+++ p5-Mail-SPF/pkg-plist 2011-05-24 19:42:51.000000000 +0200 >@@ -1,4 +1,4 @@ >-bin/spfquery >+%%SPFQUERY%%bin/spfquery%%SPFQUERY_SUFFIX%% > sbin/spfd > %%SITE_PERL%%/Mail/SPF.pm > %%SITE_PERL%%/Mail/SPF/MacroString.pm
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=115334">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 157107
: 115334 |
115335
|
115336
|
115337
|
115338