> -----Original Message-----
> From: Burton Windle [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 14, 2006 9:27 AM
> To: users@spamassassin.apache.org
> Subject: Penalizing for SPF being too broad
>
> Now that even spammers are using SPF, is there a way to
> penalize those with SPF records that are too broad?
>
> [EMAIL PROTECTED]:~$ host -t txt topsyvwkh.net topsyvwkh.net
> descriptive text "v=spf1 ip4:51.0.0.0/2 ip4:66.0.0.0/2
> ip4:145.0.0.0/2 ip4:245.0.0.0/2 -all"

If you are using Postfix with SPF as well, you can let Postfix record the SPF records as header info, and write a SA rule to look for idiocy like the above. (Not sure if Postfix looks at 51.0.0.0/2 and decides it's not a valid CIDR block or not; maybe the SA SPF plugin should also look at valid CIDR blocks and invalid CIDR blocks, something like invalid receive ip.s
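
Added example, not part of the thread and not SpamAssassin or Postfix code: a standalone Python check that audits the `ip4:` mechanisms of an SPF record for the two problems raised above, prefixes that are too short and CIDR blocks whose base address is not on the prefix boundary. The function name `audit_spf` and the `min_prefix` threshold are assumptions made for this illustration.

```python
import ipaddress

# The record quoted in the thread above, used as sample input.
SAMPLE = ("v=spf1 ip4:51.0.0.0/2 ip4:66.0.0.0/2 "
          "ip4:145.0.0.0/2 ip4:245.0.0.0/2 -all")


def audit_spf(record, min_prefix=16):
    """Audit the pass-granting ip4 mechanisms of one SPF TXT record.

    min_prefix is an assumed local policy threshold, not a SpamAssassin
    or Postfix setting.
    """
    out = {"invalid": [], "misaligned": [], "too_broad": []}
    nets = []
    for term in record.split()[1:]:               # skip the "v=spf1" tag
        qualifier = term[0] if term[0] in "+-~?" else "+"
        mech = term.lstrip("+-~?")
        if qualifier != "+" or not mech.lower().startswith("ip4:"):
            continue                              # e.g. "-all", "mx", "a"
        value = mech[4:]
        try:
            # strict=False masks the host bits, so the result is the block
            # that a high-order-bits comparison would actually match.
            net = ipaddress.IPv4Network(value, strict=False)
        except ValueError:
            out["invalid"].append(value)
            continue
        if net.network_address != ipaddress.IPv4Address(value.split("/")[0]):
            out["misaligned"].append((value, str(net)))
        if net.prefixlen < min_prefix:
            out["too_broad"].append(value)
        nets.append(net)
    # Merge overlapping or adjacent blocks so each address is counted once.
    covered = sum(n.num_addresses for n in ipaddress.collapse_addresses(nets))
    out["covered"] = covered
    out["fraction"] = covered / 2**32             # share of all IPv4 space
    return out


if __name__ == "__main__":
    print(audit_spf(SAMPLE))
```

On the quoted record, every one of the four blocks is misaligned, and once masked to /2 boundaries they merge into 0.0.0.0/0, so the record authorizes the whole IPv4 address space.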