On 05/11/2020 21:54, Victor Sudakov wrote: > An SPF fail is by no means a sure sign of spam. It can be some indicator > of spamicity (as I thought), but not a decisive sign thereof.
SPF was never designed to be anti-spam, although on face value it does have that ability given that spammers impersonate domains, it is one of many tools required required in that battle. I was an early adopter of SPF, in its very very early stages, There are some rare instances in early days where SPF may break in some forwarding cases, but for well over a decade most forwarders re-write sender so its not a problem, it's never been a problem with mailing lists for me either, unlike DKIM, I've never experienced any deliverability problems due to SPF, but YMMV. Microsofts SRS however gave a lot of headaches with mailing lists and was such a flop even Microsoft advises against its use. > doubt the wizdom of rejecting hard SPF fails in the MTA Why? Because a handful of people are too clueless to keep their records up to date? They set those records in first place to prevent spoofing, they know the risks they know if they change AS's or suppliers they have to modify those records, I mean FFS, they change all other records to new IP's don't they, so frankly they get what they deserve if they can't be bothered. >> i just think default score is made for spamass milter users with do rejects >> of spam mails, but why not honner spf fail rejections, hmm If they set a softfail, they dont really care if that domains is spoofed, or it just isn't an important domain, I adjust my SA rules to force softfails as spam , I hard reject hardfails on MTA, and I also null out any and all whitelisting in SA, trust must be earned, not assumed. -- Regards, Noel Butler This Email, including attachments, may contain legally privileged information, therefore at all times remains confidential and subject to copyright protected under international law. You may not disseminate this message without the authors express written authority to do so. If you are not the intended recipient, please notify the sender then delete all copies of this message including attachments immediately. Confidentiality, copyright, and legal privilege are not waived or lost by reason of the mistaken delivery of this message.
