search

stevejenkins / postwhite

Script for generating a whitelist for Postfix's Postscreen based on large senders' SPF records
https://www.stevejenkins.com/blog/2015/11/postscreen-whitelisting-smtp-outbound-ip-addresses-large-webmail-providers/
MIT License
89 stars 26 forks source link

/32 are removed as invalid #32

Closed jnorell closed 6 years ago

jnorell commented 7 years ago

Using the most recent postwhite, all addresses listed as /32 get removed in the "invalid" cleanup, but specifying a /32 cidr is perfectly valid:

root@mail:/etc/postfix# cat /etc/postfix/test.cidr 
1.1.1.1 OK
2.2.2.2/32 OK
root@mail:/etc/postfix# postmap -q 1.1.1.1 cidr:/etc/postfix/test.cidr 
OK
root@mail:/etc/postfix# postmap -q 1.1.1.1/32 cidr:/etc/postfix/test.cidr 
root@mail:/etc/postfix# postmap -q 2.2.2.2 cidr:/etc/postfix/test.cidr 
OK
root@mail:/etc/postfix# postmap -q 2.2.2.2/32 cidr:/etc/postfix/test.cidr 
root@mail:/etc/postfix#

Note that /32 syntax is not valid for a query argument, but it certainly is valid in the cidr table itself. (The workaround for now is to set invalid_ip4=fix or invalid_ip4=keep.)

dajones70 commented 6 years ago

I am experiencing the same problem with domain tn.gov when added to the custom list.

dajones70 commented 6 years ago

Pull request #41 fixes this problem.

stevejenkins commented 6 years ago

Fixed in version 3.3 (#41).