Your Linux Data Center Experts



This is tumgreyspf, an external policy checker for the postfix mail server. It can optionally greylist and/or use spfquery to check SPF records to determine if email should be accepted by your server.

SPF is information published by the domain owner about what systems may legitimately send e-mail for the domain. Greylisting takes advantage of spam and viruses that do not follow the RFCs and retry deliveries on temporary failure. We use these checks as part of our mail system and have seen several orders of magnitude reduction in spam, lower system load, and few problems with legitimate mail getting blocked.

It uses the file-system as it's database, no additional database is required to use it.



Code/Bugfixes: On Github

Recent changes

WHATSNEW (first 15 lines):

Version 1.36 -- Thu Nov 24, 2011

New configuration setting "spfAcceptOnPermError" will accept e-mail from
      hosts that have invalid SPF records.  This is probably the right
      thing to do, so defaulting to enabled.  Contributed by Jesse Norell.
Added a "COMMON PROBLEMS" section to README, with suggested text from
      George Sexton.
Changed README to put tumgreyspf in recipient restrictions, not sender.
      Reported by George Sexton.
Bug fixed in tumgreyspf-clean when using greylistIpOnly, it wasn't removing
      greylist entries.  Reported by Michael Meelis and others.

Version 1.35 -- Wed Jul 23, 2009

Fixed a bug caused when the SPF record has a NUL in it.
      Reported by Thomas Goirand


Python: You can get source (and binaries for selected systems) from

SPF requires either the C or Perl binary or Python SPF library: tumgreyspf can either call the external SPF checking program from the SPF site, or the Python SPF library. The latter is preferred.

Description and License

tumgreyspf is licensed under the GPL.


tumgreyspf (source, binaries, report formats, documentation and all related matter) is copyright © 2004-2011 Sean Reifschneider,, ltd.