http://bugzilla.spamassassin.org/show_bug.cgi?id=3417
------- Additional Comments From [EMAIL PROTECTED] 2004-05-25 09:44 ------- Subject: Re: New Rule: Checking sender IP against MX records From: [EMAIL PROTECTED] On Tue, May 25, 2004 at 09:18:29AM -0700, [EMAIL PROTECTED] wrote: > Hmmm, where can I read abount SPF? http://spf.pobox.com/ > I think, DNS requests will be cached effectivly... That's not my issue. "MX" is meant to specify who receives mail for given domain/host/etc. It's now suggested to overload MX to also mean who can send mail for give domain/host/etc. Also, if I have several machines, all of which are allowed to send mail for my domain, I have to add more 1 record per-domain. Not only is that asking for errors, it's also making the DNS response larger -- which could mean that it'll have to go TCP instead of UDP, which has a huge impact on DNS performance. With SPF, I only need to add 1 record which allows them all. > >> About 98% of spam flag on this test > >> About 50% of ham flag off this test > > No! It rule like AWL, like good whitelist - it very effective, may be we shold > revert flag and assign score<0 (-1.6 for example) I must be missing something... If the rule hits on 98% of spam, but also 50% of ham, the rule sucks. It'll have an S/O ratio of somewhere in the 0.6-0.7 range (assuming equal amounts of ham/spam). > I think this rule will be in top20 best rules. This isn't an anti-spam rule, it's an anti-joejobbing rule, so it's not going to be in the top 20 anti-spam rules. For instance, this rule would allow "bugzilla.spamassassin.org" to send mail as "kluge.net" (it's a backup MX for my domain), whereas I would consider that a forgery since it's not an outgoing mail server for my domain. With SPF I can clearly specify who I allow sending mail using my domain. The reverse is also true (kluge.net would be allowed to send as bugzilla.spamassassin.org...) ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
