Am 07.10.2011 20:24, schrieb Dave Warren: > On 10/7/2011 1:12 AM, Robert Schetterer wrote: >> in my eyes the whole idea of spf was broken from beginning >> but do what you want, no need for flame >> in my real world it makes more problems then helping in antispam >> i removed spf checks from my servers, in spamd its used with nearly no >> points >> there are better more effective ways to reject unwanted mails >> but youre free, do it like you want, analyse your logs >> then you will see, if it helps at your side >> everbody has its own spam, there are less >> universal recommands, antispam is daily work in analyse and reaction > > The trick with SPF is to stop using it for rejecting mail, it doesn't do > a good job at that.
jep It's not really a spam-fighting technique at all, > as much as an identification technique. What you do with that jep > identification is where it gets interesting; what it does do well is > allow you to whitelist known-good (or at least wanted) senders, allowing > you to exempt mail you know you want from expensive content filtering. > > PayPay is a good example, love 'em or hate 'em, there's no point running > mail from PayPal through any sort of content based spam filtering, and > SPF can tell you that a message claiming to be from PayPal really is > from PayPal (but it can't reliably tell you that a message *isn't* from > PayPal, due to forwarding, possible DNS problems, possible SPF > configuration errors, etc) in my case there is so less left, passing postscreen, rbls, greylisting, clamav-milter with sanesecurity and few other smtp checks, that nearly null i.e faked paypal mail getting at last to spamassassin where its stopped mostly by other rules and rejected by spamass-milter, so using spf check isnt hardly needed anymore, until in most cases its useless or does make trouble, but feel free using spf-checks as you want it may help in some setups > > -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria