spfquery - checks if an IP address is an SPF-authorized SMTP sender for a domain
2.3
spfquery --mail-from|-m|--sender|-s email-address|domain --helo|-h hostname --ip|-i ip-address [OPTIONS]
spfquery --helo|-h hostname --ip|-i ip-address [OPTIONS]
spfquery --file|-f filename|- [OPTIONS]
spfquery --version|-V
spfquery --help
spfquery performs Sender Policy Framework (SPF) authorization checks based on the command-line arguments or data given in a file or on standard input. For information on SPF see http://www.openspf.org.
The --mail-from form checks if the given ip-address is an authorized SMTP sender for the given envelope sender domain or email-address and HELO hostname (so-called MAIL FROM check).
If a domain is given,
postmaster will be substituted for the localpart.
The --helo form checks if the given ip-address is an authorized SMTP sender for the given HELO hostname (so-called HELO check).
The --file form reads "ip-address sender-address helo-hostname" tuples from the file with the specified filename, or from standard input if filename is -.
The --version form prints version information of spfquery. The --help form prints usage information for spfquery.
The --mail-from, --helo, and --file forms optionally take any of the following additional OPTIONS:
Print out debug information.
Use the specified string as the default explanation if the SPF record does not specify an explanation string itself.
Use spf-terms as a default record if no SPF record is found. This is a non-standard feature.
Do (not) print any comments found when reading from a file or from standard input.
Process spf-terms as local policy before resorting to a default result (the implicit or explicit all mechanism at the end of the domain's SPF record).
For example,
this could be used for white-listing one's secondary MXes: mx:mydomain.example.org.
Perform a maximum of n SPF record lookups. Defaults to 10.
Use hostname as the hostname of the local system instead of auto-detecting it.
Set overrides and fallbacks.
Each option can be specified multiple times.
For example: --override example.org='v=spf1 -all' --override '*.example.net'='v=spf1 a mx -all' --fallback example.com='v=spf1 -all'.
This is a non-standard feature.
Automatically allow the secondary MXes of the comma-separated list of email-addresses.
Do (not) sanitize the output by condensing consecutive white-space into a single space and replacing non-printable characters with question marks. Enabled by default.
Do (not) perform trusted-forwarder.org accreditation checking.
Disabled by default.
This is a non-standard feature.
The specified IP address is an authorized mailer for the sender domain/address.
The specified IP address is not an authorized mailer for the sender domain/address.
The specified IP address is not an authorized mailer for the sender domain/address, however the domain is still in the process of transitioning to SPF.
The sender domain makes no assertion about the status of the IP address.
The sender domain has a syntax error in its SPF record.
A temporary DNS error occurred while resolving the sender policy. Try again later.
There is no SPF record for the sender domain.
spfquery -i 11.22.33.44 -m user@example.com -h spammer.example.net
spfquery -f test_data
echo "127.0.0.1 user@example.com helohost.example.com" | spfquery -f -
This version of spfquery was written by Wayne Schlitt <wayne@midwestcs.com>.
This man-page was written by Julian Mehnle <julian@mehnle.net>, based on a man-page written by S. Zachariah Sprackett for an older version of spfquery.
