RejectReason URL and parameters issue

Question

RejectReason URL and parameters issue

Opened this issue 3 years ago · 6 comments

Hi,

From https://github.com/jcbf/smf-spf/blob/master/smf-spf.conf


RejectReason specifies the message that will be return to milter client
You can use %s placeholders where :
1st %s - sender address or postmaster@<helo name> if empty sender
2nd %s - sender IP Address
3rd %s - server name ( {j} macro

Default: Rejected, look at http://www.openspf.org/why.html?sender=%s&ip=%s&receiver=%s

As www.openspf.org has now been closed for two years, the RejectReason generated URL is not clickable, and that's why this message should be disabled by default, but it's impossible, there isn't available on/off option. As I could not find any alternative, and as currently parameters order is fixed, at the moment I changed RejectReason to static - "An SPF enabled mail server rejected message from %s, because sender address %s does not exist in the domain corresponding SPF record."

For better customization, please change parameters and allow any parameters order somehing like:
%sa - sender address or postmaster@ if empty sender
%sd - sender domain
%ip - sender IP address
%sn - server name

Answer 1 · 2021-09-07T09:36:47.000Z

That makes sense.
I will take a look

Answer 2 · 2021-09-07T14:18:44.000Z

For the customization part keep in mind that snprintf is used, so you can make use of parameter index to invert order.
Example:

RejectReason SPF Rejected. Servername: %3$s Sender: %1$s Client-IP: %2$s

Will replace by the correct values like

5.7.23 SPF Rejected. Server: mta.example.net Sender: user@example.com Client-IP:  192.0.0.1

Answer 3 · 2021-09-08T18:30:51.000Z

For the customization part keep in mind that snprintf is used, so you can make use of parameter index to invert order.
Example:
RejectReason SPF Rejected. Servername: %3$s Sender: %1$s Client-IP: %2$s
Will replace by the correct values like
5.7.23 SPF Rejected. Server: mta.example.net Sender: user@example.com Client-IP:  192.0.0.1

So all this works with the current code? If so, then please change default RejectReason message and also update smf-spf.conf guide and example.

And how to disable RejectReason? Just using RejectReason without any text? Even if this works, then I suggest to change logic, so that if RejectReason is not enabled by default (it's commented out), there is no RejectReason message at all.

Answer 4 · 2022-03-24T16:29:53.000Z

@ksuuk What do you mean by "disable RejectReason"?
If we Reject a message there will be some text ...
Are you suggesting a simple message like "Reject due to SPF failure"?

Answer 5 · 2022-03-24T16:40:03.000Z

@ksuuk What do you mean by "disable RejectReason"? If we Reject a message there will be some text ... Are you suggesting a simple message like "Reject due to SPF failure"?

@jcbf

Like I explained:

If RejectReason is not enabled, no message is used.
If RejectReason is enabled, the default/hardcoded message is used.
If RejectReason is enabled and custom message is added, the custom message is used.

Answer 6 · 2022-03-24T23:07:17.000Z

The milter must always send a message back.
The message has a response code, an extended code, and a text.
The codes must be 2xx for accept, 4xx for deferring, and 5xxx for rejecting.
When accepting there is no extended code, for differing is 4.7.23 and 5.7.23 for rejecting.
RejectMessage goes after the extended code when rejecting, It is not recommended but you can leave an empty message if you don't want anything after. Or else the value in RejectMessage is sent.
If you just want to log results and accept all messages then set RefuseFail Off
If you just want to defer message and don't reject then set SoftFail On
To reject the message ( default behavior), set SoftFail On and SoftFail Off.

So I'm not really understanding your request.