On 10/7/11 3:49 AM, "Julian Yap" <julianok...@gmail.com> wrote:
> On Thu, Oct 6, 2011 at 3:09 PM, David F. Skoll <d...@roaringpenguin.com>
> wrote:
>> On 7 Oct 2011 00:28:49 -0000
>> "John Levine" <jo...@taugh.com> wrote:
>>
>>>> Does anyone blacklist based on SPF?
>>
>>> Nobody with any interest in delivering the mail that their users want.
>>> The error rate is much, much too high.
>>
>> It depends. I very confidently blacklist mail from "roaringpenguin.com
>> <http://roaringpenguin.com> "
>> that fails to pass SPF. That's my own domain, of course.
>
> What do your rules look like for this scenario?
>
Something like this Unverified Yahoo rule I shameless stole from Mark
Martinec:
header __L_ML1 Precedence =~ m{\b(list|bulk)\b}i
header __L_ML2 exists:List-Id
header __L_ML3 exists:List-Post
header __L_ML4 exists:Mailing-List
header __L_HAS_SNDR exists:Sender
meta __L_VIA_ML __L_ML1 || __L_ML2 || __L_ML3 || __L_ML4 ||
__L_HAS_SNDR
header __L_FROM_Y1 From:addr =~ m{[@.]yahoo\.com$}i
header __L_FROM_Y2 From:addr =~ m{\@yahoo\.com\.(ar|br|cn|hk|my|sg)$}i
header __L_FROM_Y3 From:addr =~ m{\@yahoo\.co\.(id|in|jp|nz|uk)$}i
header __L_FROM_Y4 From:addr =~
m{\@yahoo\.(ca|de|dk|es|fr|gr|ie|it|pl|se)$}i
meta __L_FROM_YAHOO __L_FROM_Y1 || __L_FROM_Y2 || __L_FROM_Y3 ||
__L_FROM_Y4
header __L_FROM_GMAIL From:addr =~ m{\@gmail\.com$}i
meta L_UNVERIFIED_YAHOO !DKIM_VALID && !DKIM_VALID_AU && __L_FROM_YAHOO
&& !__L_VIA_ML
priority L_UNVERIFIED_YAHOO 500
score L_UNVERIFIED_YAHOO 2.5
meta L_UNVERIFIED_GMAIL !DKIM_VALID && !DKIM_VALID_AU && __L_FROM_GMAIL
&& !__L_VIA_ML
priority L_UNVERIFIED_GMAIL 500
score L_UNVERIFIED_GMAIL 2.5
It would be nice to have a construct like "blacklist_unless_spf" or
"blacklist_unless_auth" that did all of this for me...
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281
