diff --git a/TODO b/TODO
index 9171a27..a4c0c4f 100644
--- a/TODO
+++ b/TODO
@@ -1,3 +1,10 @@
+Include full info in Received-SPF for neutral. When making best
+guess, Received-SPF should be none. Add additional keywords or
+another header.
+
+Require signed MFROM for all incoming bounces when signing all outgoing mail -
+except from trusted relays.
+
Send DSN for permerror before processing extended result. An additional
DSN may be sent based on extended result.
diff --git a/bms.py b/bms.py
index 688c888..cca04b3 100644
--- a/bms.py
+++ b/bms.py
@@ -1,6 +1,9 @@
#!/usr/bin/env python
# A simple milter that has grown quite a bit.
# $Log$
+# Revision 1.41 2005/12/01 18:59:25 customdesigned
+# Fix neutral policy. pobox.com -> openspf.org
+#
# Revision 1.40 2005/11/07 21:22:35 customdesigned
# GOSSiP support, local database only.
#
@@ -578,7 +581,7 @@ def read_config(list):
ses = SES.new(secret=srs_secret,expiration=maxage)
srs_domain = cp.getlist('srs','ses')
else:
- srs_domain = []
+ srs_domain = cp.getlist('srs','srs')
srs_domain.append(cp.getdefault('srs','fwdomain'))
banned_users = cp.getlist('srs','banned_users')
#print srs_domain
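Review bot: The new `cp.getlist('srs','srs')` is read only in the `else` branch, so when the SES branch above it is taken, any domains listed under `[srs] srs` appear to be ignored without notice. If that is intended, document it next to the assignment, for example `# [srs] srs is consulted only when SES is not configured`; if not, extend the SES list with it as well. The context line that follows appends `cp.getdefault('srs','fwdomain')` unconditionally, so confirm that an unset `fwdomain` cannot put `None` into `srs_domain`. The condition selecting the branch and the rest of read_config lie outside the hunk.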
@@ -947,15 +950,7 @@ class bmsMilter(Milter.Milter):
self.umis = None
if not (self.internal_connection or self.trusted_relay) \
and self.connectip and spf:
- rc = self.check_spf()
- if rc != Milter.CONTINUE or not domain or not gossip: return rc
- if self.spf.result == 'pass':
- qual = 'SPF'
- else:
- qual = self.connectip
- self.umis = gossip.umis(domain+qual,self.id+time.time())
- res,hdr,val = gossip_node.query(self.umis,domain,qual,1)
- self.add_header(hdr,val,idx=0)
+ return self.check_spf()
else:
self.spf = None
return Milter.CONTINUE
@@ -1094,6 +1089,14 @@ class bmsMilter(Milter.Milter):
if res == 'pass' and auto_whitelist.has_key(self.canon_from):
self.whitelist = True
self.log("WHITELIST",self.canon_from)
+ if gossip:
+ if res == 'pass':
+ qual = 'SPF'
+ else:
+ qual = self.connectip
+ self.umis = gossip.umis(q.o+qual,self.id+time.time())
+ res,hdr,val = gossip_node.query(self.umis,q.o,qual,1)
+ self.add_header(hdr,val)
return Milter.CONTINUE
# hide_path causes a copy of the message to be saved - until we
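Review bot: The added `res,hdr,val = gossip_node.query(self.umis,q.o,qual,1)` overwrites `res`, which until that line holds the SPF result tested by `if res == 'pass'`. Bind the reputation result to its own name, e.g. `gres,hdr,val = gossip_node.query(self.umis,q.o,qual,1)`, so a later edit that reads `res` after this block does not act on the wrong value. The call removed in the previous hunk (the one now ending in `return self.check_spf()`) passed `idx=0` to `add_header` and skipped the lookup when `domain` was empty; the new call does neither, so confirm that the header position and a lookup on an empty `q.o` are intended. No error handling is visible around the query, so a failing reputation backend would presumably raise out of this callback; a comment stating whether that is acceptable would help. The enclosing method starts outside the hunk.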
diff --git a/doc/changes.ht b/doc/changes.ht
index 679a15c..01e5c24 100644
--- a/doc/changes.ht
+++ b/doc/changes.ht
@@ -6,6 +6,11 @@ Python milter has been moved to
pymilter Sourceforge
project for development and release downloads.
+
GOSSiP
+An alpha release of pygossip has been commited to
+CVS, module pygossip. A version of the bms.py milter has been commited to CVS
+which supports calling GOSSiP to track domain reputation in a local database.
+
New website design
Hey, I'm no artist, so I just used the
diff --git a/doc/credits.ht b/doc/credits.ht
index 8240592..dcdfaad 100644
--- a/doc/credits.ht
+++ b/doc/credits.ht
@@ -25,7 +25,8 @@ real, usable Python extension.
for providing a Python port of SPF
Scott Kitterman
for doing lots of testing and debugging of SPF against draft standard,
- and for putting up a web page that validates SPF records using spf.py
+ and for putting up a
+ web page that validates SPF records using spf.py
Alexander Kourakos
for plugging several memory leaks
George Graf at Vienna University of Economics and Business Administration
diff --git a/milter.spec b/milter.spec
index 446305b..cc8294c 100644
--- a/milter.spec
+++ b/milter.spec
@@ -1,6 +1,6 @@
%define name milter
%define version 0.8.4
-%define release 1.RH7
+%define release 2.RH7
# what version of RH are we building for?
%define redhat9 0
%define redhat7 1
@@ -31,7 +31,7 @@ Name: %{name}
Version: %{version}
Release: %{release}
Source: %{name}-%{version}.tar.gz
-#Patch: %{name}-%{version}.patch
+Patch: %{name}-%{version}.patch
Copyright: GPL
Group: Development/Libraries
BuildRoot: %{_tmppath}/%{name}-buildroot
@@ -52,10 +52,15 @@ modules provide for navigating and modifying MIME parts.
%prep
%setup
-#%patch -p1
+%patch -p0 -b .bms
%build
-env CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="-s" %{python} setup.py build
+if %{redhat9}; then
+ LDFLAGS="-g"
+else
+ LDFLAGS="-s"
+fi
+env CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$LDFLAGS" %{python} setup.py build
%install
rm -rf $RPM_BUILD_ROOT
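Review bot: `if %{redhat9}; then` expands to `if 0; then` or `if 1; then`, and the shell then tries to run a command named `0` or `1`, which normally does not exist, so the test fails either way and `LDFLAGS` always ends up as `-s`. Compare the value instead, `if [ "%{redhat9}" -ne 0 ]; then`, or wrap the two assignments in rpm's own `%if %{redhat9}` / `%else` / `%endif`. As written, the Red Hat 9 build would still be stripped instead of keeping symbols with `-g`.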
@@ -169,8 +174,13 @@ rm -rf $RPM_BUILD_ROOT
/usr/share/sendmail-cf/hack/rhsbl.m4
%changelog
+* Mon Oct 31 2005 Stuart Gathman 0.8.5-1
+- Simple trusted_forwarder implementation.
+- Fix access_file neutral policy
* Fri Oct 21 2005 Stuart Gathman 0.8.4-2
- Don't supply sender when MFROM is subdomain of header from/sender.
+- Don't send quarantine DSN for DSNs
+- Skip dspam for replies/DSNs to signed MFROM
* Thu Oct 20 2005 Stuart Gathman 0.8.4-1
- Fix SPF policy via sendmail access map (case insensitive keys).
- Auto whitelist senders, train screener on whitelisted messages
diff --git a/spf.py b/spf.py
index 70b3838..a45a099 100755
--- a/spf.py
+++ b/spf.py
@@ -19,7 +19,7 @@ AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
For more information about SPF, a tool against email forgery, see
- http://spf.pobox.com/
+ http://openspf.org/
For news, bugfixes, etc. visit the home page for this implementation at
http://www.wayforward.net/spf/
@@ -47,6 +47,9 @@ For news, bugfixes, etc. visit the home page for this implementation at
# Terrence is not responding to email.
#
# $Log$
+# Revision 1.15 2005/10/30 01:08:14 customdesigned
+# Ignore records missing spaces.
+#
# Revision 1.14 2005/08/12 17:36:51 customdesigned
# Trean non-existant include as no match in "lax" mode.
#
@@ -596,9 +599,12 @@ class query(object):
return ('none', 250, EXPLANATIONS['none'])
# split string by whitespace, drop the 'v=spf1'
- #
spf = spf.split()
- #Catch case where SPF record has no spaces
+ # Catch case where SPF record has no spaces
+ # Can never happen with conforming dns_spf(), however
+ # in the future we might want to give permerror
+ # for common mistakes like IN TXT "v=spf1" "mx" "-all"
+ # in relaxed mode.
if spf[0] != 'v=spf1':
raise PermError('Invalid SPF record in', self.d)
spf = spf[1:]
diff --git a/strike3.txt b/strike3.txt
index 3357213..917fbae 100644
--- a/strike3.txt
+++ b/strike3.txt
@@ -23,7 +23,7 @@ SMTP (email) servers to prevent criminals from forging your
domain. The simplest step is usually to publish an SPF record
with your Sender Policy.
-For more information, see: http://openspf.com
+For more information, see: http://openspf.org
I hate to annoy you with a DSN (Delivery Status
Notification) from a possibly forged email, but since you