Hamish Marson writes:
> Loren Wilton wrote:
> >> Yeah, I know about the SPF checks... But I meant does SA
> >> currently do anything with digital signatures to verify that the
> >> sender really is the sender & apply a -ve score.
> >
> > Other than the SPF type header checks I don't believe so.
> > Certainly not any pgp blocks or the like in the body of the mail.
> >
> > This probably wouldn't be too hard to do in a plugin if someone
> > wanted to.
> >
> > Of course, like SPF, this really isn't an anti-spam sort of thing.
> > All we would know is that the spammer bothered to get his own pgp
> > key or the like. (That said, a lot of spammers are stupid, so
> > giving positive points to failed checks might be useful.)
>
> More authentication... Anti-spoofing... Which helps when trying to
> differentiate what only looks spammy...
>
> I went through a few airlines & travel agents... I could only find one
> with an SPF record (Although I didn't do an exhaustive search, just
> ones I could think of off hand). Any chance it could be added to the
> SPF whitelists? (Two records, because I'm not sure which one is used
> for eTicketing & disruption notices etc).
>
> ba.com. 86400 IN TXT "v=spf1 mx ip4:163.166.43.0/24 -all"
> britishairways.com. 86400 IN TXT "v=spf1 mx ip4:163.166.43.0/24 -all"
>
> (There's no digital signing on the emails AFAIK, so dkim isn't an
> option yet).

(a) first off, check to ensure that the etickets/notices really *are* coming from the SPF-listed ranges. Many senders have outsourced this kind of function, have different depts working on the SPF record vs the eticketing systems, and some senders are -- to be honest -- quite incompetent in this respect. ;) Not that I'm saying BA are, but it's worth checking anyway...

(b) also, if the etickets do *not* hit many rules, and are safely marked as nonspam, it's best not to add a whitelisting when it's not required -- since there's no guarantee the whitelist will always match those mails in future (a side-effect of the (a) problem).

(c) if it does work out as a good idea, open an enhancement request at our bugzilla to ensure the request doesn't get forgotten. Feel free to attach sample mail(s), with sensitive info removed or obscured; we're more likely to add the whitelisting if we can verify that it works.

--j.
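
The check in point (a) can be run offline over saved sample mails. What follows is an added example, not part of the original message and not SpamAssassin code: it compares the relay IP in the topmost Received header with the ip4: ranges of the two SPF records quoted in the thread. The sample headers are constructed, the function names are hypothetical, and it assumes the topmost Received header was written by your own border MX; the "mx" mechanism is not evaluated because it needs a live DNS lookup.

```python
import email
import ipaddress
import re
from email.utils import parseaddr

# SPF TXT records exactly as quoted in the thread.
SPF_RECORDS = {
    "ba.com": "v=spf1 mx ip4:163.166.43.0/24 -all",
    "britishairways.com": "v=spf1 mx ip4:163.166.43.0/24 -all",
}

def ip4_networks(spf):
    """Networks named by ip4: mechanisms (pass qualifier only)."""
    terms = [t.lstrip("+") for t in spf.split()[1:]]
    return [ipaddress.ip_network(t[4:], strict=False)
            for t in terms if t.lower().startswith("ip4:")]

def check_sample(raw):
    """Return (envelope domain, relay IP, verdict) for one saved message."""
    msg = email.message_from_string(raw)
    # Assumption: Return-Path holds the envelope sender, which is what SPF checks.
    domain = parseaddr(msg.get("Return-Path", ""))[1].rpartition("@")[2].lower()
    # Assumption: the topmost Received header was added by your own border MX,
    # so the bracketed address in it is the real connecting IP.
    m = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]",
                  (msg.get_all("Received") or [""])[0])
    if domain not in SPF_RECORDS or not m:
        return domain, m.group(1) if m else None, "not-checkable"
    ip = ipaddress.ip_address(m.group(1))
    hit = any(ip in net for net in ip4_networks(SPF_RECORDS[domain]))
    # The "mx" mechanism needs a DNS lookup and is not evaluated here.
    return domain, str(ip), "ip4-match" if hit else "no-ip4-match"

# Constructed sample headers (not real mail).
IN_RANGE = (
    "Return-Path: <eticket@ba.com>\n"
    "Received: from out1.example.invalid (out1.example.invalid [163.166.43.17])\n"
    "\tby mx.example.net with ESMTP; Mon, 1 Jan 2007 10:00:00 +0000\n"
    "Subject: Your e-ticket receipt\n\nbody\n"
)
# Same message as if relayed by an outsourced sender outside the listed /24.
OUTSOURCED = IN_RANGE.replace("163.166.43.17", "192.0.2.55")

if __name__ == "__main__":
    for sample in (IN_RANGE, OUTSOURCED):
        print(check_sample(sample))
```

A "no-ip4-match" result is not yet an SPF fail: the relay may still be one of the domain's MX hosts, which only a DNS lookup can confirm.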