On 4/23/2015 1:24 PM, A. Schulze wrote:
Hello,
I wrote a little patch for the SPF plugin to detect domains
authenticating any IP by SPF.
Usage:
local.cf
header SPF_PASS_PLUSALL eval:check_for_spf_pass_plusall()
header SPF_HELO_PASS_PLUSALL eval:check_for_spf_helo_pass_plusall()
describe SPF_PASS_PLUSALL SPF: SPF record allow any
sender
describe SPF_HELO_PASS_PLUSALL SPF: SPF record allow any HELO
lang de describe SPF_PASS_PLUSALL SPF: SPF-Datensatz erlaubt
beliebige Senderechner
lang de describe SPF_HELO_PASS_PLUSALL SPF: SPF-Datensatz erlaubt
beliebige HELO-Namen
score SPF_PASS_PLUSALL 0.001
score SPF_HELO_PASS_PLUSALL 0.001
Unfortunately I found also domains not really sending spam use "+all" ¹)
Any comments?
Andreas
¹)
https://listi.jpberlin.de/pipermail/postfixbuch-users/2015-April/062921.html
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7099#c4
Over the past 10 days on a busy production server, we've seen 7164 hits,
of which only 36 are ham.