SPF Macro Support

[jcbenton]

Any plans on supporting SPF macros?

[mlocati]

This library already supports SPF macros.

[jcbenton]

Hmm. I will do some more testing and get back to you at a later date. I was having some spf fails previously. Here is an example of the SPF record:

d: z.co.nz i: 40.107.107.113 h: aus01-sy4-obe.outbound.protection.outlook.com

"v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email ~all"

When I manually resolved everything it checked out, but was failing when using the library. I will do some more testing.

Can you point me to the bit of code where it processes the logic for SPF macros? I want to try and debug to figure out what I may be doing wrong.

[mlocati]

When I manually resolved everything it checked out, but was failing when using the library. I will do some more testing.

Could you show me the code that fails?

[jcbenton]

The basic jist of it. The "if" that will fire 99% of the time is the first one with the helo_name. I am wondering if that may be causing some of the issue. If I run it with just the sender and the IP it passes with no problem.

if($cfg['helo_checks'] != 'no'){
    $environment = new \SPFLib\Check\Environment($pfx_data['client_address'], $pfx_data['helo_name'], $pfx_data['sender']);
}else{
    $environment = new \SPFLib\Check\Environment($pfx_data['client_address'], '', $pfx_data['sender']);
}

$checker = new Checker();
$checkResult = $checker->check($environment);
$spf_result = trim(strtolower($checkResult->getCode()));

switch ($spf_result) {
    case 'none':

    case 'neutral':

    case 'pass':

    case 'fail':

    case 'softfail':

    case 'temperror':

    case 'permerror':

}

[jcbenton]

The code insert thing doesn't seem to be working. Apologies. It is there, just not formatted as desired.

[mlocati]

The code insert thing doesn't seem to be working. Apologies. It is there, just not formatted as desired.

Are you referring to the way GitHub formatted your comment above? If so, I've fixed its formatting.

PS: you can insert code blocks enclosing it with three backticks. For example, if you write

if (true) { echo 1; }

it will be rendered as

if (true) {
    echo 1;
}

You can also specify the programming language, to turn on syntax highlighting. For example:

```php
if (true) {
    echo 1;
}

it will be rendered as

```php
if (true) {
    echo 1;
}

[mlocati]

Back to your example, could you share the values of $cfg['helo_checks'], $pfx_data['client_address'], $pfx_data['helo_name'], $pfx_data['sender'] that aren't working for you?

[jcbenton]

The $cfg variable is just a set values used to turn features on and off when I incorporate into a larger codeset. $cfg['helo_checks'] simply turns EHLO checking on or off. If it is on, it will also pass the EHLO value in the new $environment.

$pfx_data is just an array of what is passed by postfix. (remote ip, EHLO, sender email. ) I created a unix policy service check in postfix for SPF checks. Apologies, I assumed the names would have been self explanatory. The values used in this example are in my earlier comments. Again below.

d: z.co.nz i: 40.107.107.113 h: aus01-sy4-obe.outbound.protection.outlook.com

"v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email ~all"

[mlocati]

We've had a little misunderstanging here 😉 I wasn't asking about the meaning of the arrays, but the actual values that fail for you.

So, to summarize, the case that's failing for you is:

• $cfg['helo_checks'] is not no
• $pfx_data['client_address'] contains 40.107.107.113
• $pfx_data['helo_name'] contains aus01-sy4-obe.outbound.protection.outlook.com
• $pfx_data['sender'] contains z.co.nz

So, in order to replicate your issue, the code is:

$environment = new \SPFLib\Check\Environment(
    '40.107.107.113',
    'aus01-sy4-obe.outbound.protection.outlook.com',
    'z.co.nz'
);

$checker = new \SPFLib\Checker();
$checkResult = $checker->check($environment);

And you expect that $checkResult->getCode() should be pass.

That's correct?