Re: spf record

To: Marek Podmaka <marki@onee.sk>
Cc: debian-isp@lists.debian.org
Subject: Re: spf record
From: Joe Emenaker <joe@emenaker.com>
Date: Sat, 21 Jan 2006 16:55:34 -0800
Message-id: <[🔎] 43D2D806.2080508@emenaker.com>
In-reply-to: <[🔎] 465576530.20060122010038@onee.sk>
References: <[🔎] 43D0F355.5050503@rcrcomputing.com> <[🔎] 6640D448BFB97BD51DB8591A@dhcp-2-206.wgops.com> <[🔎] 43D10A66.3020502@goirand.fr> <[🔎] 20060120200106.GD549@verkkotelakka.net> <[🔎] 43D14814.5010207@emenaker.com> <[🔎] 20060120234030.GE549@verkkotelakka.net> <[🔎] 43D1867D.3070409@emenaker.com> <[🔎] 20060121135807.GB14124@www.lobefin.net> <[🔎] 43D2A759.70004@emenaker.com> <[🔎] FE9623A6EA9107A7B84AABF5@dhcp-2-206.wgops.com> <[🔎] 465576530.20060122010038@onee.sk>

Marek Podmaka wrote:

  Interesting discussion about SPF... There are actually 2 things to
  think about - one is implementing SPF on DNS for our domains and the
  other is using SPF to limit "bad" incoming mail. In my opinion the
  second one has only advantages. So I would like to ask what do you
  recommend? Integrate it in postfix somehow? Or is it enough to turn
  on SPF checking in SpamAssassin? How?

My first reaction would be that implementing it in your SMTP serverwould only be useful if you were going to reject/bounce stuff on SPFfailures regardless of content.

Like I mentioned earlier, I think that the strong point of SPF is thatit lets you trust your domain-name-based RBL's more. IIRC, SpamAssassin3 already checks SPF by default (you have to have the Mail::SPF::Queryperl package on your machine)... but it just doesn't assign any scoringto SPF failures or successes.

You can change the scoring by either editing the system-widespamassassin.conf file or by editing the per-user$HOME/.spamassassin/user_prefs. The syntax for adjusting scoring is here:

http://spamassassin.apache.org/full/3.0.x/dist/doc/Mail_SpamAssassin_Conf.html#scoring_options

In short, you'd use something like:

   score SYMBOLIC_TEST_NAME n.nn

where SYMBOLIC_TEST_NAME is the name of one of SpamAssassin's testconclusions. For SPF, these would include:

SPF_FAIL           SPF: sender does not match SPF record (fail)
SPF_HELO_FAIL       SPF: HELO does not match SPF record (fail)
SPF_HELO_NEUTRAL       SPF: HELO does not match SPF record (neutral)
SPF_HELO_PASS       SPF: HELO matches SPF record
SPF_HELO_SOFTFAIL       SPF: HELO does not match SPF record (softfail)
SPF_NEUTRAL       SPF: sender does not match SPF record (neutral)
SPF_PASS       SPF: sender matches SPF record
SPF_SOFTFAIL       SPF: sender does not match SPF record (softfail)

and "n.nn" is the amount to increase or decrease the spam score of themessage.

Personally, I'd use the scoring adjustments to increase the score of SPFfailures and then bump up the scores of RBL results.


- Joe**

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply to:

References:
- spf record
  - From: Rodney Richison <rodney@rcrcomputing.com>
- Re: spf record
  - From: Michael Loftis <mloftis@modwest.com>
- Re: spf record
  - From: Thomas Goirand <thomas@goirand.fr>
- Re: spf record
  - From: Juha-Matti Tapio <jmtapio@verkkotelakka.net>
- Re: spf record
  - From: Joe Emenaker <joe@emenaker.com>
- Re: spf record
  - From: Juha-Matti Tapio <jmtapio@verkkotelakka.net>
- Re: spf record
  - From: Joe Emenaker <joe@emenaker.com>
- Re: spf record
  - From: Stephen Gran <sgran@debian.org>
- Re: spf record
  - From: Joe Emenaker <joe@emenaker.com>
- Re: spf record
  - From: Michael Loftis <mloftis@modwest.com>
- Re: spf record
  - From: Marek Podmaka <marki@onee.sk>

Prev by Date: Re: spf record
Next by Date: Re: spf record
Previous by thread: Re: spf record
Next by thread: Re: spf record
Index(es):
- Date
- Thread