On Sat, 22 Sep 2018 08:48:43 -0400 Kevin A. McGrail wrote: > On 9/19/2018 6:00 AM, Matus UHLAR - fantomas wrote: > > # SPF THAT DOESN'T REALLY CARE IF EMAIL IS A FORGERY > >> ifplugin Mail::SpamAssassin::Plugin::AskDNS > >> askdns JMQ_SPF_NEUTRAL_ALL _SENDERDOMAIN_ TXT /^v=spf1 .+\?all$/ > >> describe JMQ_SPF_NEUTRAL_ALL SPF set to ?all! > >> score JMQ_SPF_NEUTRAL_ALL 0.5 > >> endif > > > > do you not check for "+all" by a reason? > > Would you believe I thought we were? I misread the regex like a year > ago. Updating now.
/^v=spf1 .+(\?|\+)all$/ .+ should be .* or it wont match 'v=spf1 +all' I would remove the '$' as it doesn't appear do anything useful and could prevent matches on weird spf records. It may be worth splitting them into two rules for '?' and '+', there's no dns overhead and they seem like significantly different cases.
