Implementation of the Sender Policy Framework for SMTP authorization
C Shell Perl XS Other
Latest commit 79ed3e3 Apr 5, 2015 @mdomsch mdomsch bootstrap: fix for newer autotools
On Fedora 21, we need to run libtoolize before aclocal so that aclocal
picks up the changes.  We also need to copy in missing automake files.

Running autoreconf isn't sufficent, nor is it necessary to run
autoreconf afterwards.  Simply running libtoolize, aclocal,
autoheader, automake, and autoconf (in that order) works great.
Thereafter, running autoreconf has no effect, so don't bother.

I have also confirmed this works correctly on RHEL6 and Ubuntu 14.04.2
LTS provided the necessary autotools packages are installed.


 * @file
 * @brief Description of libspf2
 * The contents of this file is extracted by the documentation
 * generator, and forms the front matter and introductory text to this 
 * manual. The documentation for this file is, therefore, apparently
 * empty.

 * @mainpage Introduction to libspf2

 * @par Recipes

An example client implementation is in spf_example.c with a little
more error checking. The basic cases are as follows:

The SPF server is reusable, and thread-safe. It must be freed using

	SPF_server_t	*spf_server = SPF_server_new(SPF_DNS_CACHE, 0);

Create a request, and set the relevant fields in it. Each setter
method returns an SPF_errcode_t, which will inform you of error
conditions, such as out-of-memory or invalid argument.

	SPF_request_t	*spf_request = SPF_request_new(spf_server);
	SPF_request_set_ipv4_str(spf_request, "");
	SPF_request_set_env_from(spf_request, "");

Now that we have built a query, we may execute it. It will use the
SPF_server_t which was passed to the query constructor. As usual, the
SPF_request_query_mailfrom method returns an error code, although
much richer errors are returned inside the SPF_response_t - see
spf_response.h for more details of that API.

	SPF_response_t	*spf_response = NULL;
	SPF_request_query_mailfrom(spf_request, &spf_response);
	printf("Result is %s\n",

When we have finished with the response, we must free it and the


We can execute many requests in parallel threads on the same server,
but before the program exits, we must free the server.


 * @par Authors

 - Current maintainer: Shevek <>
 - Contributors: Magnus Holmgren, Julian Mehnle, Scott Kitterman
 - Contributors: Dan Kaminsky, Ben Chelf, Hannah Schroeter
 - Contributors: Martin Braine, Manish Raje, Stuart Gathman
 - Original author, 1.0 series: Wayne Schlitt <>

 * @par License

This program is free software; you can redistribute it and/or modify
it under the terms of either:

  a) the GNU Lesser General Public License as published by the Free
     Software Foundation; either version 2.1, or (at your option) any
     later version, or


  b) The two-clause BSD license.

Some code in the 'replace' subdirectory was obtained form other sources
and have different, but compatible, licenses. These routines are
used only when the native libraries for the OS do not contain these
functions.  You should review the licenses and copyright statments
in these functions if you are using an OS that needs these functions.

 * @par Original README from Wayne Schlitt

Libspf2 is an implementation of the SPF specification as found at
or doc/draft-mengwong-spf-00.txt

Libspf2 is in beta testing and should only be used in production
systems with caution.  It has not been widely compiled and tested on
machines with different operating systems, CPU architectures, or
network configurations.  It has not been audited for security errors.

While libspf2 is beta code, a lot of effort has been put into
making it secure by design, and a great deal of effort has been put
into the regression tests.  Functions such as sprintf() are never
used, things like snprintf() are used instead.  There are few fixed
sized buffers/arrays, instead, most data structures are dynamically
allocated with the allocation sized recorded so I can check to make
sure the buffer isn't overflowed.  The return values from malloc() and
other system calls are checked and handled as gracefully as I can.
The valgrind program is regularly run to make sure that there are no
memory leaks and reads/writes to invalid memory.

This code has been compiled and passed its regression tests on Debian
Linux (sid/testing) on the x86, FreeBSD 4.3 (x86), FreeBSD 4.9
(x86??), NetBSD 1.62 (x86?), SunOS 5.8 on the ultrasparc, and a few
others.  It uses the autotools (autoconfig, libtools, automake, etc.)
to try and make things more portable, so it will likely work on other
systems also.