2.0.2 (2017-12-14)
* Fix treatment of No_Mail configuration parameter so that specifying
No_Mail = False (the default) does not cause incorrect results
* Conditionally import authres is Header_Type is AR and raise an error if it
is missing (sorry pep-8) to avoid cases where users change the config
and suddenly it doesn't work for an example, see:
https://bugzilla.redhat.com/show_bug.cgi?id=1208876
* Update and correct Mail_From_pass_restriction description in
policyd-spf.conf(5 ()
* Update HELO checking default option in policyd-spf.conf(5)
* Note that SPF_Not_Pass is not consistent with RFC 7208 in the HELO
checking section of policyd-spf.conf(5) - already documented for Mail From
Mark as not supportin python-2.x per the 2.0.0 release notes (see below).
--- 2.0.1 (2016-12-08)
* Man page formatting and spelling corrections
* Corrected default debug level (LP: #1647089)
* Amplified loging level '-1' description
* Forward port version 1.3.2 fixes for detection of missing Authserv_Id that
were inadvertently not brought back to trunk
--- 2.0.0 (2016-12-02)
! No longer python2 compatible, minimum python3 version is 3.3 for ipaddress
! Removed support for use of ipaddr
! Changed default for HELO checking from SPF_Not_Pass to Fail (same as
MailFrom) even though I think Not Pass makes more sense in order to
still the complaints (Fedora, you can drop your sed call in the spec file
now). (LP: #1571144)
! Changed default for Authserv-ID to use local hostname to provide a
reasonable default Authserv-ID. (LP: #1575608)
! Increased minimum pyspf (python-spf) version to 2.0.9 so that Void_Limit
is always available and used.
! Added new Hide_Receiver option to prevent accidental disclosure of BCC
receivers and enabled it by default to maximize privacy. (LP: #1394294)
! Changed the name of the defaultSeedOnly option to TestOnly. The previous
name is still accepted, but an error is logged. The old name is a legacy
from the greylising functionaliy in tumgreyspf (from which this was forked
in 2007). The new name better reflects what the option does.
+ Added new Reason_Message option to allow for custom reject/defer message
(LP: #1422324) - Thanks to Bastian Blank for the significant patch
+ Added support for RFC 7372 email authentication specific enhanced status
codes as well as an option to use standard Postfix codes instead
+ Added new HELO_Whitelist option to allow for whitelisting from SPF checks
based on specific HELO/EHLO names (LP: #1602761)
+ Added new Whitelist_Lookup_Time to allow for adjustments on the maximum
time allowed for whitelist related DNS lookups to complete - This should
also help with LP: #1622137
+ Refactored and extended per user configuration to work for more
configuration options
+ Added new 'None' option for Header_Type. When set, no header field of any
kind is added to the message (LP: #1531724)
+ Added new Mock option for enhanced interoperability with downstream
milters - See policyd-spf.conf.5 for details
* Fix additional cases of choking on invalid email addresses (LP: #1342105)
* Reviewed and refactored logging to provide logging details at various
detail levels more consistent with the documentation. Also added a new
log level, '-1' for completely silent running.
* Added a new PERFORMANCE CONSIDERATIONS section to policyd-spf.1.
* Fix python3 incompatibility in cases where HELO name is somehow missing
(LP: #1184102)
* Improved per-user settings processing to avoid issues with multiple or
incorrect header fields being appended to multi-recipient messages
* Refactored processing for the No_Mail option to use the pyspf cache from
the previous SPF query rather than a new DNS lookup - should help with
LP: #1622137
* Fixed an issue that may have caused issues with multi-recipient use of
restriction classes
* Fixed a typo in policyd-spf-peruser.5 that made the example configuration
file invalid
This is python-policyd-spf, an external policy checker for the postfix mail
server. It will use pyspf to check SPF records to determine if email should
be rejected by your server.
Based on https://github.com/joyent/pkgsrc/pull/421 by Coy Hile.