Thomas Bolioli wrote:
You are speaking for me... This became a very relevant topic when the spf tests were packaged with SA by default. As someone who is having a major issue with spf, it is very important that those making these decisions here about the issues that most are having with SPF. It was not ready for primetime, and as such, it should have been rolled out differently.
Perhaps I'm missing what the apparent major issue is with SpamAssassin having an SPF plugin is, but I'll suggest this anyway:
- if the SPF checks in SA are causing problems for your incoming mail then don't use the SPF checks - if you're afraid that SA's SPF checks are going to cause problems for your outgoing mail when received by remote domains, then don't publish SPF records - if you want the benefit of SPF based whitelisting but don't want to risk FPs due to hits on SPF_FAIL, etc, zero the scores for the SPF_* rules and just use the SPF based whitelist component (which, by design, will still work, and work efficiently, with the SPF_* rules disabled) Daryl
