Kevin A. McGrail skrev den 2017-06-13 17:56:
I've been thinking a lot about hive protection on rules and
centralizing this type of data.
i will like to go the other way around, make spamassassin rules more
decentraly, with feks ip repution, and uri repution based on maybe to
see dmarc pass, say a spammail have 1 uri links to the payload, this
would be tracked from dmarc as a spam for the dmarc record signed domain
if learned with spamassassin -r
if its not dmarc pass, learn all ips and urls as spam
but not for url domains that are skipped testing, my above algo will
imho not be beaten from spammmers side, but we miss dmarc still and
repution localy tracked
just my own 3 euro, maybe i should have it in bitcoin :)