Op Fri, 21 Apr 2017 14:12:56 +0200 schreef Reyk Floeter <r...@openbsd.org>:
On Fri, Apr 21, 2017 at 01:52:05PM +0200, Boudewijn Dijkstra wrote:
Op Fri, 21 Apr 2017 12:16:31 +0200 schreef Reyk Floeter
<r...@openbsd.org>:
> On Fri, Apr 21, 2017 at 11:59:20AM +0200, Peter N. M. Hansteen wrote:
> > On Fri, Apr 21, 2017 at 11:25:14AM +0200, Markus Rosjat wrote:
> > >
>
> I use the attached script to fetch the SPF entries recursively, in a
> plain text format that can be fed into pfctl.
Have you tried mx3a.certifiedfactory.info ? ;)
great
I think you got something wrong:
I don't use this simple script automatically or for "untrusted
domains", I just use it _manually_ and for _well-known_ offenders like
outlook.com that break greylisting.
I only pointed out a weakness. Infinite loops may happen regardless of
trust or reputation, so the weakness should IMHO be either documented or
fixed.
SPF is not a security solution,
but it is a band-aid that helps to handle these stupid cloud-based MTAs.
The script below fixes it - or akpoff's slightly more complicated (and
probably more correct) version.
Thanks.
--
Gemaakt met Opera's e-mailprogramma: http://www.opera.com/mail/