[EMAIL PROTECTED] wrote:
Well, we want to move to using real-time data for network tests and that would improve the scores, but it's a non-trivial amount of work (to log complete network data in message headers, and then reuse it in mass-check). Patches accepted. :-)
Nevertheless, SPF is not a super-great spam sign -- about 0.5% of ham fails in real-time and 8.5% of spam (on my mail stream). That's a S/O ratio of about 0.95 which is much worse than any good DNSBL.
When an e-mail administrator publishes an SPF record with "-all" in it he or she is asking you to discard messages that fail SPF testing because they are forgeries. I say we should honor that request. Eventually, the admins will get all their users in compliance and SPF will be extremely useful. Assigning low scores to SPF_FAIL delays that.
