1

Topic: Issue with spf_to_greylist_whitelists.py not importing all SPF network

Hello,

I have an issue with the script spf_to_greylist_whitelists.py when trying to import SPF records into greylist whitelist.

For example, running:

python3 /opt/iredapd/tools/spf_to_greylist_whitelists.py icloud.com


Output:

* 1 mail domains in total.
        + [icloud.com]


When I check with:

python3 /opt/iredapd/tools/greylisting_admin.py --list-whitelists | grep icloud


I only see a subset of IP ranges added, for example:

112.19.199.64/29 -> @., 'AUTO-UPDATE: icloud.com'
112.19.242.64/29 -> @., 'AUTO-UPDATE: icloud.com'
144.178.36.0/24 -> @., 'AUTO-UPDATE: icloud.com'
144.178.38.0/24 -> @., 'AUTO-UPDATE: icloud.com'
157.255.1.64/29 -> @., 'AUTO-UPDATE: icloud.com'
17.142.0.0/15 -> @., 'AUTO-UPDATE: icloud.com'
17.41.0.0/16 -> @., 'AUTO-UPDATE: icloud.com'
17.57.155.0/24 -> @., 'AUTO-UPDATE: icloud.com'
17.57.156.0/24 -> @., 'AUTO-UPDATE: icloud.com'
17.58.0.0/16 -> @., 'AUTO-UPDATE: icloud.com'
222.73.195.64/29 -> @., 'AUTO-UPDATE: icloud.com'


But the SPF record for icloud.com actually contains more networks, for example:

icloud.com text = "v=spf1 ip4:17.41.0.0/16 ip4:17.58.0.0/16 ip4:17.142.0.0/15 ip4:17.57.155.0/24 ip4:17.57.156.0/24 ip4:144.178.36.0/24 ip4:144.178.38.0/24 ip4:112.19.199.64/29 ip4:112.19.242.64/29 ip4:222.73.195.64/29 ip4:157.255.1.64/29"
" ip4:106.39.212.64/29 ip4:123.126.78.64/29 ip4:183.240.219.64/29 ip4:39.156.163.64/29 ip4:57.103.64.0/18"
" ip6:2a01:b747:3000:200::/56 ip6:2a01:b747:3001:200::/56 ip6:2a01:b747:3002:200::/56 ip6:2a01:b747:3003:200::/56 ip6:2a01:b747:3004:200::/56 ip6:2a01:b747:3005:200::/56 ip6:2a01:b747:3006:200::/56 ~all"


As you can see, these ranges (like 106.39.212.64/29, 123.126.78.64/29, 183.240.219.64/29, 39.156.163.64/29, 57.103.64.0/18) are missing in the greylist whitelist.

Is this a bug or is there a limitation in the script when handling multi-part SPF records (long TXT split across several strings)?

Any advice on how to import all networks from SPF correctly would be appreciated.


2

Re: Issue with spf_to_greylist_whitelists.py not importing all SPF network

Which iRedAPD release are you running? Please upgrade iRedAPD to at least 5.9.0 which fixes this issue.
FYI
- https://github.com/iredmail/iRedAPD/blo … angeLog#L9
- https://docs.iredmail.org/upgrade.iredapd.html

3

Re: Issue with spf_to_greylist_whitelists.py not importing all SPF network

I have updated iRedAPD to the latest version, and now the SPF script correctly adds all records from the domain.
The issue is resolved. Thank you for your help!
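
Added example, not part of the thread and not iRedAPD's code: the first post asks about a TXT record split across several strings, and RFC 7208 section 3.3 says those strings are concatenated with no separator before the SPF record is parsed. The sketch below does that for the record and whitelist quoted in the first post and reports which networks are absent from the whitelist; the function and constant names are hypothetical.

```python
import ipaddress
import re

# TXT rdata copied from the first post: one record, three character-strings.
ICLOUD_TXT = '''
"v=spf1 ip4:17.41.0.0/16 ip4:17.58.0.0/16 ip4:17.142.0.0/15 ip4:17.57.155.0/24 ip4:17.57.156.0/24 ip4:144.178.36.0/24 ip4:144.178.38.0/24 ip4:112.19.199.64/29 ip4:112.19.242.64/29 ip4:222.73.195.64/29 ip4:157.255.1.64/29"
" ip4:106.39.212.64/29 ip4:123.126.78.64/29 ip4:183.240.219.64/29 ip4:39.156.163.64/29 ip4:57.103.64.0/18"
" ip6:2a01:b747:3000:200::/56 ip6:2a01:b747:3001:200::/56 ip6:2a01:b747:3002:200::/56 ip6:2a01:b747:3003:200::/56 ip6:2a01:b747:3004:200::/56 ip6:2a01:b747:3005:200::/56 ip6:2a01:b747:3006:200::/56 ~all"
'''

# Networks the first post shows in the greylisting whitelist.
WHITELISTED = """112.19.199.64/29 112.19.242.64/29 144.178.36.0/24
144.178.38.0/24 157.255.1.64/29 17.142.0.0/15 17.41.0.0/16
17.57.155.0/24 17.57.156.0/24 17.58.0.0/16 222.73.195.64/29""".split()


def txt_strings(rdata):
    """Split presentation-format TXT rdata into its quoted character-strings."""
    return re.findall(r'"((?:[^"\\]|\\.)*)"', rdata)


def spf_networks(strings):
    """Join the strings with no separator, then return every ip4:/ip6:
    mechanism of the resulting SPF record as an ip_network object."""
    terms = "".join(strings).split()
    if not terms or terms[0].lower() != "v=spf1":
        return []
    nets = []
    for term in terms[1:]:
        m = re.fullmatch(r"[+?~-]?(?:ip4|ip6):(.+)", term, re.IGNORECASE)
        if m:
            nets.append(ipaddress.ip_network(m.group(1), strict=False))
    return nets


def missing(strings, whitelisted):
    """Networks published in SPF but absent from the whitelist."""
    have = {ipaddress.ip_network(w) for w in whitelisted}
    return [n for n in spf_networks(strings) if n not in have]


if __name__ == "__main__":
    parts = txt_strings(ICLOUD_TXT)
    print("first string only:", len(spf_networks(parts[:1])), "networks")
    print("all strings joined:", len(spf_networks(parts)), "networks")
    for net in missing(parts, WHITELISTED):
        print("not whitelisted:", net)
```

Comparing the whitelist against the joined record after an upgrade confirms that nothing from the later strings is still being dropped.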