On 10/7/2011 12:17 PM, RW wrote:
On Fri, 07 Oct 2011 20:39:24 +0200
Robert Schetterer wrote:
in my case
there is so less left, passing postscreen, rbls, greylisting,
clamav-milter with sanesecurity and few other smtp checks, that nearly
null i.e
faked paypal mail getting at last to spamassassin where its stopped
mostly by other rules and rejected by spamass-milter, so using spf
check isnt hardly needed anymore,
His point was that SPF isn't there to catch spam, it there to identify
legitimate mail from selected domains, and prevent it being falsely
identified as spam.
That's pretty much it. I don't look at it as a spam blocking measure at
all, but rather, it's utility is to avoid whitelisting forged mail.
Prior to SPF, I was apprehensive about whitelisting anything by domain
since domains can be trivially forged, especially if it's a well-known
domain (the domain of a household named company). By only applying
whitelist entries to mail that has a SPF or DKIM pass, I can whitelist
by sender address/domain indiscriminately without fear that a spammer
can take advantage of @paypal.com whitelists.
To me, false positives are a lot more important than filter misses.
Users will tolerate a bit of spam, but blocking even a single legitimate
message is unacceptable (yes, it's a real world risk, but it's still the
goal), so being able to whitelist safely (completely, or just with a
score) is critical.
--
Dave Warren, CEO
Hire A Hit Consulting Services
http://ca.linkedin.com/in/davejwarren
