On 10/30/18 8:46 PM, Chris Narkiewicz wrote: > W dniu 30/10/2018 o 19:31, Peter N. M. Hansteen pisze: >> yes, a well-known problem, and it's what nospamd (hinted at in the spamd >> man pages) is for. >> >> To some extent it helps to whitelist IP addresses and networks that >> domains list in their SPF info. > > Yeah, I hoped there are some reputable sources of validated mail > sources based on SPF and DKIM. > > I'll give a try to your compiled list, but the fact you maintain > it manually is a bit discouraging.
I've replaced the manually maintained list with a generated one - basically what you'll find at that URL now is the result of running 'smtpctl spf walk' over a list of interesting domains. I run this now at quasi-random intervals at bsdly.net. I took a look at the old list over last few days and did find some odd sediments such as addresses that no longer had a reverse lookup. I've preserved the old sedimentary collection at https://www.bsdly.net/~peter/nospamd.preserved_20181103.txt for reference. The file at https://www.bsdly.net/~peter/nospamd is now the generated version, without those artifacts. The script that generates the new version provides information about the domains in a more consistent fashion. The script is as you can imagine truly trivial (you should be able to recreate it from just reading the output), but I might put it somewhere accessible if there's interest (or if I can make a writeup that I can make interesting enough to accompany it). -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
