Ideally everyone would pass these. meta SPF_HELO_NOT_PASS !SPF_HELO_PASS meta SPF_NOT_PASS !SPF_PASS
These will catch everything that does not have a valid SPF record, including those for domains that have no SPF record. I tested only the most recent 1,000 emails from my inbox, which I haven't been sorting, so it includes all the spam that both SpamAssassin and SpamProbe missed. SPF_NOT_PASS got 180 hits. At least 4 of those were spam. I'm going to sort my email out and do more testing. I'd love to hear what numbers the rest of you get. I expect it to get better over time. Especially if it gets added to the default SA rules. -- "I finally figured out the only reason to be alive is to enjoy it." - Rita Mae Brown http://www.ChaosReigns.com