SPF Scoring... SPF_NEUTRAL
Has anyone experienced SPF_* rules not actually being scored ? In the debug I see that it comes back as result: none shouldnt this come back as SPF_NEUTRAL ? We are setting up SA with amavisd, and when running amavis in debug mode (amavisd u amavis g amavis debug-sa) I can see it hit the spf checks; it comes back with --- debug output --- [2456] dbg: spf: checking HELO (helo=mail.yuki.com, ip=22.110.92.38) [2456] dbg: spf: query for /22.110.92.38/mail.yuki.com: result: none, comment: SPF: domain of sender mail.yuki.com does not designate mailers [2456] dbg: spf: checking EnvelopeFrom (helo=mail.yuki.com, ip=22.110.92.38, [EMAIL PROTECTED]) [2456] dbg: spf: query for [EMAIL PROTECTED]/22.110.92.38/mail.yuki.com: result: none, comment: SPF: domain of sender [EMAIL PROTECTED] does not designate mailers In SA local.cf I have tweaked the scores arbitrarily way up to try to ensure that the scoring is substantial enough to guarantee notice --- local.cf --- score SPF_PASS 10 score SPF_HELO_PASS 10 score SPF_FAIL 12 score SPF_HELO_FAIL 13 score SPF_HELO_NEUTRAL 13 score SPF_HELO_SOFTFAIL 12 score SPF_NEUTRAL 12 score SPF_SOFTFAIL 12 However, the header result in the email is : --- email header --- X-Spam-Status: No, score=2.047 tagged_above=-999 required=4.5 tests=[BAYES_50=0.001, RCVD_IN_SORBS_DUL=2.046] X-Spam-Score: 2.047 X-Spam-Level: ** Still no hits Other score changes in local.cf are effective; so if I modify RCVD_IN_SORBS_DUL= that change will be apparent in the email header. Any ideas ??? Many thanks. Michael Grey
Re: SPF Scoring... SPF_NEUTRAL
On 8/23/06, Michael Grey [EMAIL PROTECTED] wrote: Has anyone experienced SPF_* rules not actually being scored ? In the debug I see that it comes back as 'result: none' – shouldn't this come back as SPF_NEUTRAL ? When the domain does not publish SPF records you get result: none. Test with a domain that does publish SPF records. -- Noel Jones
RE: SPF Scoring... SPF_NEUTRAL
Since this is not a production system, we have had to do some MX magic on a remote domain to push mail through this new system... that domain doesn't have SPF enabled (curse you Network Solutions !) So the big question is really this : Should NONE get an SPF score ? Thanks Mike -Original Message- From: Noel Jones [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 23, 2006 9:17 AM To: Michael Grey Cc: users@spamassassin.apache.org Subject: Re: SPF Scoring... SPF_NEUTRAL On 8/23/06, Michael Grey [EMAIL PROTECTED] wrote: Has anyone experienced SPF_* rules not actually being scored ? In the debug I see that it comes back as 'result: none' - shouldn't this come back as SPF_NEUTRAL ? When the domain does not publish SPF records you get result: none. Test with a domain that does publish SPF records. -- Noel Jones
Re: SPF Scoring... SPF_NEUTRAL
On 23-Aug-06, at 12:45 PM, Michael Grey wrote: Since this is not a production system, we have had to do some MX magic on a remote domain to push mail through this new system... that domain doesn't have SPF enabled (curse you Network Solutions !) So the big question is really this : Should NONE get an SPF score ? That is a matter of internal policy on your part. If you want to penalize domains for not having an SPF record you could give it a negative score. On the other hand, if you wish to reward them for not having an SPF record give them a positive score. I believe the general consensus is to leave it alone. Especially since SPF is still quite new and still technically in an experimental stage. -- Gino Cerullo Pixel Point Studios 21 Chesham Drive Toronto, ON M3M 1W6 416-247-7740
RE: SPF Scoring... SPF_NEUTRAL
Sorry, I was too philosophical in my question... to rephrase; In the standard SA config, should I expect to see an SPF_* rule hit returned when the SPF return value is 'none' ? Thanks Mike -Original Message- From: Gino Cerullo [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 23, 2006 9:54 AM To: users@spamassassin.apache.org Subject: Re: SPF Scoring... SPF_NEUTRAL On 23-Aug-06, at 12:45 PM, Michael Grey wrote: Since this is not a production system, we have had to do some MX magic on a remote domain to push mail through this new system... that domain doesn't have SPF enabled (curse you Network Solutions !) So the big question is really this : Should NONE get an SPF score ? That is a matter of internal policy on your part. If you want to penalize domains for not having an SPF record you could give it a negative score. On the other hand, if you wish to reward them for not having an SPF record give them a positive score. I believe the general consensus is to leave it alone. Especially since SPF is still quite new and still technically in an experimental stage. -- Gino Cerullo Pixel Point Studios 21 Chesham Drive Toronto, ON M3M 1W6 416-247-7740
Re: SPF Scoring... SPF_NEUTRAL
On Wed, 23 Aug 2006, Gino Cerullo wrote: So the big question is really this : Should NONE get an SPF score ? That is a matter of internal policy on your part. If you want to penalize domains for not having an SPF record you could give it a negative score. On the other hand, if you wish to reward them for not having an SPF record give them a positive score. I think you got that backwards. -- John Hardin KA7OHZICQ#15735746http://www.impsec.org/~jhardin/ [EMAIL PROTECTED]FALaholic #11174pgpk -a [EMAIL PROTECTED] key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- The problem is when people look at Yahoo, slashdot, or groklaw and jump from obvious and correct observations like Oh my God, this place is teeming with utter morons to incorrect conclusions like there's nothing of value here.-- Al Petrofsky, in Y! SCOX --- 27 days until Talk Like a Pirate day
Re: SPF Scoring... SPF_NEUTRAL
On 23-Aug-06, at 1:09 PM, John D. Hardin wrote: On Wed, 23 Aug 2006, Gino Cerullo wrote: So the big question is really this : Should NONE get an SPF score ? That is a matter of internal policy on your part. If you want to penalize domains for not having an SPF record you could give it a negative score. On the other hand, if you wish to reward them for not having an SPF record give them a positive score. I think you got that backwards. U! Yeah, I think i did. Okay just do what I meant but do it the other way around. ;-) -- Gino Cerullo Pixel Point Studios 21 Chesham Drive Toronto, ON M3M 1W6 416-247-7740
Re: SPF Scoring... SPF_NEUTRAL
On 23-Aug-06, at 1:01 PM, Michael Grey wrote: Sorry, I was too philosophical in my question... to rephrase; In the standard SA config, should I expect to see an SPF_* rule hit returned when the SPF return value is 'none' ? This is from the latest 50_scores.cf # SPF # Note that the benefit for a valid SPF record is deliberately minimal; it's # likely that more spammers would quickly move to setting valid SPF records # otherwise. The penalties for an *incorrect* record, however, are large. ;) ifplugin Mail::SpamAssassin::Plugin::SPF score SPF_PASS -0.001 score SPF_HELO_PASS -0.001 # gen:mutable score SPF_FAIL 0 1.333 0 1.142 score SPF_HELO_FAIL 0 score SPF_HELO_NEUTRAL 0 score SPF_HELO_SOFTFAIL 0 2.078 0 2.432 score SPF_NEUTRAL 0 1.379 0 1.069 score SPF_SOFTFAIL 0 1.470 0 1.384 # /gen:mutable endif # Mail::SpamAssassin::Plugin::SPF So the answer to your question is no you shouldn't. Their is no score to cover NONE. -- Gino Cerullo Pixel Point Studios 21 Chesham Drive Toronto, ON M3M 1W6 416-247-7740
