Non-null host-address bits
karolyi opened this issue · 5 comments
Hey,
recently I started to get these errors:
Sep 25 18:51:04 ksol postfix/postscreen[83636]: warning: cidr map /usr/local/etc/postfix/postscreen_spf_whitelist.cidr,
line 5: non-null host address bits in "2a01:111:f400:7c00::/48", perhaps you should use "2a01:111:f400::/48" instead:
skipping this rule
I have no idea as to what this could be, I run the list generation normally each day.
cidr map /etc/postfix/postscreen_spf_whitelist.cidr, line 941: non-null host address bits in "2607:13c0:0002:0000:0000:0000:0000:1000/115", perhaps you should use "2607:13c0:2::/115" instead: skipping this rule
is there a way to set IPv4 only CIDRs?
same here, returned yesterday.
seeing that the last commit in this repo is 6 years old (!) maybe someone ought to fork it.
seeing the network graph, @nabbi seems to be doing something that might fix this issue.
seeing the network graph, @nabbi seems to be doing something that might fix this issue.
I've added a "quick and dirty" fix to my local install in line 361 of /usr/local/bin/postwhite/postwhite
cat "${tmp5}" | grep -E '^[0-9]{1,3}[.][0-9]{1,3}[.][0-9]{1,3}[.][0-9]{1,3}[.]*' >> "${postfixpath}"/"${whitelist}"
Getting IPv6 addresses, just to remove them in the final result is of course a bit of waste of time.
I also noticed, quite a lot of IPs are not in the final cidr list.
e.g: amazon.de -> amazon.com -> spf1.amazon.com -> 549 IN TXT "v=spf1 ip4:207.171.160.0/19 ip4:87.238.80.0/21 ip4:72.21.192.0/19 ip4:194.154.193.192/27 ip4:194.7.41.152/28 ip4:212.123.28.40/32 ip4:203.81.17.0/24 ip4:178.236.10.128/26 ip4:52.94.124.0/28 ip4:99.78.197.208/28 ip4:52.119.213.144/28 -all"
[missing] 87.238.80.0/2
[missing] 52.94.124.0/28
I patched my nabbi/postwhite fork to use an external script nabbi/route-summarization for the spf network summarization. It has been quick and accurate for my needs.