spfd --port port [--set-user uid|username] [--set-group gid|groupname]
spfd --socket filename [--socket-user uid|username] [--socket-group
gid|groupname] [--socket-perms octal-perms] [--set-user uid|username]
spfd is a simple forking Sender Policy Framework (SPF) query proxy
server. spfd receives and answers SPF query requests on a TCP/IP or
UNIX domain socket.
The --port form listens on a TCP/IP socket on the specified port. The
default port is 5970.
The --socket form listens on a UNIX domain socket that is created with
the specified filename. The socket can be assigned specific user and
group ownership with the --socket-user and --socket-group options, and
specific filesystem permissions with the --socket-perms option.
Generally, spfd can be instructed with the --set-user and --set-group
options to drop root privileges and change to another user and group
before it starts listening for requests.
The --help form prints usage information for spfd.
A request consists of a series of lines delimited by \x0A (LF) charac-
ters (or whatever your system considers a newline). Each line must be
of the form key=value, where the following keys are required:
ip The sender IP address.
The envelope sender address (from the SMTP "MAIL FROM" command).
The envelope sender hostname (from the SMTP "HELO" command).
spfd responds to query requests with similar series of lines of the
form key=value. The most important response keys are:
The result of the SPF query:
pass The specified IP address is an authorized mailer for the
error A temporary DNS error occurred while resolving the sender
policy. Try again later.
none There is no SPF record for the sender domain.
The text that should be included in the receiver's SMTP response.
The text that should be included as a comment in the message's
The SPF record of the envelope sender domain.
For the description of other response keys see Mail::SPF::Query.
For more information on SPF see <http://www.openspf.org>.
A running spfd could be tested using the "netcat" utility like this:
$ echo -e "ip=188.8.131.52\firstname.lastname@example.org\nhelo=spammer.example.net\n" | nc localhost 5970
smtp_comment=Please see http://spf.pobox.com/why.html?sender=user%40pobox.com&ip=184.108.40.206&receiver=localhost
header_comment=localhost: 220.127.116.11 is neither permitted nor denied by domain of email@example.com
This version of spfd was written by Meng Weng Wong <meng-
firstname.lastname@example.org>. Improved argument parsing was added by Julian
This man-page was written by Julian Mehnle <email@example.com>.
perl v5.8.8 2006-02-07 SPFD(8p)
Man Pages Copyright Respective Owners. Site Copyright (C) 1994 - 2017
All Rights Reserved.