Sidney Markowitz wrote:
Even if, as I think, ~all is correct if you can enumerate all legal
senders for the domain, there still is a problem with making our test
depend on the current configuration of something that is being used for
some other purpose. There is always the risk that there will be a reason
for changing the configuration.
I got an idea from the tests in Mail::SPF::Query. How about if you
define a spf-test.spamassassin.org domain with an SPF record with ~all.
Then you are guaranteed that it will generate a fail but it can't mess
up any real email.
May I suggest something like the following:
neutral.spf.dns-tests.spamassassin.org. IN TXT "v=spf1 a:whatever ?all"
softfail.spf.dns-tests.spamassassin.org. IN TXT "v=spf1 a:whatever ~all"
hardfail.spf.dns-tests.spamassassin.org. IN TXT "v=spf1 a:whatever -all"
Where 'whatever' appropriately matches the text message headers.
Daryl
