Extended SPF

MailCleaner Support
Added almost 5 years ago

The standard use of SPF is described in

https://support.mailcleaner.net/boards/3/topics/64-spf-configuration

SPF only applies to the mail address given in the MAIL FROM: command in the SMTP session.
Quite a lot of spams/phishing are using spoofing techniques in other fields. You can extend your SPF checks to the fields Body-From and Reply-To.

SMTP stage

These options can be enabled / disabled in

Configuration->SMTP-> BodyFrom

and

Configuration->SMTP-> Reply-To

In those cases, if SPF gives an "hard fail", mails will be rejected at SMTP stage (that is to say that they wont go to quarantine)

SpamC

These options can also be enable in

Configuration->Anti Spam->SpamC-> Enable SPF control (BodyFrom)

and

Configuration->Anti Spam->SpamC-> Enable SPF control (Reply-To)

In that case the mail may go to quarantine.

The rules associated to this are related to the SPF for the SMTP-From and the Body-From SPFs. The rules names correspond to the form
MC_SPF__<SPF result for Body-From

The rules are :

MC_SPF_OK_OK
MC_SPF_OK_TILDE
MC_SPF_OK_KO
MC_SPF_OK_UNDEF
MC_SPF_TILDE_OK
MC_SPF_TILDE_TILDE
MC_SPF_TILDE_KO
MC_SPF_TILDE_UNDEF
MC_SPF_KO_OK
MC_SPF_KO_TILDE
MC_SPF_KO_KO
MC_SPF_KO_UNDEF
MC_SPF_UNDEF_OK
MC_SPF_UNDEF_TILDE
MC_SPF_UNDEF_KO
MC_SPF_UNDEF_UNDEF