-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hamish Marson wrote: > Loren Wilton wrote: >>>> Yeah, I know about the SPF checks... But I meant does SA >>>> currently do anything with digital signatures to verify that >>>> the sender really is the sender & apply a -ve score. >>> Other than the SPF type header checks I don't believe so. >>> Certainly not any pgp blocks or the like in the body of the >>> mail. >>> >>> This probably wouldn't be too hard to do in a plugin if someone >>> wanted to. >>> >>> Of course, like SPF, this really isn't an anti-spam sort of >>> thing. All we would know is that the spammer bothered to get >>> his own pgp key or the like. (That said, a lot of spammers are >>> stupid, so giving positive points to failed checks might be >>> useful.) > > More authentication... Anti-spoofing... Which helps when trying to > differentiate what only looks spammy... > > I went through a few airlines & travelagents... I could only find > one with an SPF record (Although I didn't do an exhaustive search, > just ones I could think of off hand). Any chance it could be added > to the SPF whitelists? (Two records, because I'm not sure which one > is used for eTicketing & disruption notices etc). > > ba.com. 86400 IN TXT "v=spf1 mx > ip4:163.166.43.0/24 -all" britishairways.com. 86400 IN TXT > "v=spf1 mx ip4:163.166.43.0/24 -all" > > (There's no digital signing on the emails AFAIK, so dkim isn't an > option yet). >
Apologies... Travelocity also have an SPF record travelocity.com. 900 IN TXT "v=spf1 ip4:151.193.165.14 ip4:151.193.165.154 ip4:151.193.165.224 ip4:151.193.165.236 ip4:151.193.165.237 ip4:151.193.165.238 ip4:151.193.220.17 ip4:151.193.220.19 ip4:151.193.165.210 ip4:151.193.165.211 ip4:151.193.167.5" > regards Hamish. > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEo8rO/3QXwQQkZYwRApxxAJ41D8u2Gl7JRtBVC57oHFGsaNT/UACfY4Uf nFDBoy7xP5FNBOHwVejDPt4= =ILYZ -----END PGP SIGNATURE-----
