如何設定 EXIM 以檢查傳入電子郵件的 SPF 記錄並向傳入電子郵件新增「已接收 SPF」標頭?

tag-icon tag-icon email email-server exim spf
如何設定 EXIM 以檢查傳入電子郵件的 SPF 記錄並向傳入電子郵件新增「已接收 SPF」標頭?

我正在使用 Exim 並創建了一個可以接受和發送電子郵件的郵件伺服器。現在,我想為每封傳入的電子郵件啟用 SPF 檢查,以便將Received SPF標頭新增至這些電子郵件。但我似乎無法找出如何做到這一點的方法。

醫生說,SPF verification support is built into Exim if SUPPORT_SPF=yes is set in Local/Makefile. The support uses the libspf2 library https://www.libspf2.org/.

但我想如果他/她從原始程式碼建立 Exim,則只能將此選項設為 yes。我直接從 ubuntu 套件安裝它(我想 libspf2 是自動安裝的)並且不知道它的位置在哪裡Local/Makefile。我很確定這可以很容易地完成,但我現在對此一無所知。

30_exim4-config_check_rcpt我還檢查了 Exim 配置目錄,並在文件中找到了以下相關程式碼段。

spf-tools-perl這清楚地表明,如果啟用並安裝了SPF 檢查,Exim 將在 RCPT 命令之後檢查寄件者的 SPF 記錄。我安裝了spf-tools-perl,但仍然沒有看到任何Received SPF標題。所以,這就引出了兩個問題。

  1. 如何啟用 SPF 檢查以啟用此程式碼的執行?
  2. 為什麼 spf-tools-perl 正如文件明確指出的 Exim 使用 libspf。那為什麼要兩個庫呢?
  # Use spfquery to perform a pair of SPF checks.
  #
  # This is quite costly in terms of DNS lookups (~6 lookups per mail).  Do not
  # enable if that's an issue.  Also note that if you enable this, you must
  # install "spf-tools-perl" which provides the spfquery command.
  # Missing spf-tools-perl will trigger the "Unexpected error in
  # SPF check" warning.
  .ifdef CHECK_RCPT_SPF
  deny
    message = [SPF] $sender_host_address is not allowed to send mail from \
              ${if def:sender_address_domain {$sender_address_domain}{$sender_helo_name}}.
    log_message = SPF check failed.
    !acl = acl_local_deny_exceptions
    condition = ${run{/usr/bin/spfquery.mail-spf-perl --ip \
                   ${quote:$sender_host_address} --identity \
                   ${if def:sender_address_domain \
                       {--scope mfrom  --identity ${quote:$sender_address}}\
                       {--scope helo --identity ${quote:$sender_helo_name}}}}\
                   {no}{${if eq {$runrc}{1}{yes}{no}}}}

  defer
    message = Temporary DNS error while checking SPF record.  Try again later.
    !acl = acl_local_deny_exceptions
    condition = ${if eq {$runrc}{5}{yes}{no}}

  warn
    condition = ${if <={$runrc}{6}{yes}{no}}
    add_header = Received-SPF: ${if eq {$runrc}{0}{pass}\
                                {${if eq {$runrc}{2}{softfail}\
                                 {${if eq {$runrc}{3}{neutral}\
                  {${if eq {$runrc}{4}{permerror}\
                   {${if eq {$runrc}{6}{none}{error}}}}}}}}}\
                } client-ip=$sender_host_address; \
                ${if def:sender_address_domain \
                   {envelope-from=${sender_address}; }{}}\
                helo=$sender_helo_name

  warn
    log_message = Unexpected error in SPF check.
    condition = ${if >{$runrc}{6}{yes}{no}}
  .endif```

相關內容