Le 27/09/2010 22:12, Stan Hoeppner a écrit :
Mikael Bak put forth on 9/27/2010 6:18 AM:
Stan Hoeppner wrote:
Michal Bruncko put forth on 9/26/2010 4:24 AM:
It is possible in some way to configure postfix, that SPF Passed mails
will be automatically accepted with postfix without greylisting?
If I may be blunt: this is a really dumb idea. Many, maybe all,
snowshoe spammers have valid SPF records. Thus, accepting mail simply
because the connecting IP passes SPF muster isn't a bright idea.
Snowshoe spam will most probably pass greylisting too. Better not
clutter greylisting database with useless things. Have the blacklists
block'em instead.
I don't follow your logic here. Yes, most snowshoe is sent from real
MTAs, not bots, so greylisting won't stop it. However, dnsbls and local
block lists aren't very effective against snowshoe either, although
Spamhaus DBL is getting much better WRT snowshoe.
actually, spamhaus doesn't get much of it. Barracuda gets more.
I have a local
snowshoe cidr table I've been building for 2 years and it works rather
well as I see maybe 1 snowshoe in the inbox every two weeks or so.
However, most people probably don't have such a local snowshoe blocking
list.
yep for both parts.
So OP's request is valid IMO.
No. spf is only useful in two corner cases:
- a domain specifies which IPs can send (+ a -all for the rest)
- you whitelist mail from some domain and that domain says that IP can
send from.
whitelisting because of spf pass is like whitelisting because of correct
rDNS.
Shooting mail straight into the inbox based on an SPF pass is not a
valid strategy, but a recipe for more spam in the inbox. SPF is
properly used in a scoring system within a policy daemon or external
content filter such as SA, same as DKIM etc are.
experience with SA shows that SPF is useless except in some corner cases
(examples above). just look at the SA scores...
