Am 24.04.2015 um 15:50 schrieb Dianne Skoll:
On Fri, 24 Apr 2015 15:38:15 +0200 Reindl Harald <h.rei...@thelounge.net> wrote:well, and how becomes SPF part of the game in case of a throw-away domain as long as "score SPF_NONE 0" - why in the world should a spammer add a TXT record to a throw-away domain?Ummm.... are you really that unclear on the concept? I'll explain it carefully: Spammers know that (some) filters filter less aggressively than normal on an SPF "pass". So they register a throwaway domain and use that in the envelope sender. They publish a TXT record for that domain to ensure they get an SPF pass. There. That wasn't so hard, was it?
and how does that care a SA setup?it's that filters fault to score SPF pass lower instead only penalty SPF fail since *most* spam making it through the filters before SA anyways has SPF_PASS and comes from gmail, hotmail and other freemail providers
score ENV_AND_HDR_SPF_MATCH -0.5 score SPF_NONE 0 score SPF_HELO_NONE 0 score SPF_PASS -0.001 score SPF_HELO_PASS -0.001 score SPF_FAIL 0 0.919 0 0.001 # n=0 n=2 score SPF_HELO_FAIL 0 0.001 0 0.001 # n=0 n=2 score SPF_HELO_NEUTRAL 0 0.001 0 0.112 # n=0 n=2 score SPF_HELO_SOFTFAIL 0 0.896 0 0.732 # n=0 n=2 score SPF_NEUTRAL 0 0.652 0 0.779 # n=0 n=2 score SPF_SOFTFAIL 0 0.972 0 0.665 # n=0 n=2 score FROM_MISSP_SPF_FAIL 0.001 1.000 0.001 1.000 score TO_EQ_FM_DOM_SPF_FAIL 0.001 0.001 0.001 0.001 score TO_EQ_FM_SPF_FAIL 0.001 0.001 0.001 0.001
signature.asc
Description: OpenPGP digital signature
