Re: Spamassassin and SPF records with "+all"

Thu, 12 Jul 2012 00:34:10 -0700 

  Hi everybody,
  thanks for answers.
  Many of the "spamming" domains has a TXT record:
  "v=spf1 +all".
Or the name record types and at the end of the record they put "+all" anyway. So I can send spam by theirs domain, I'm authorized by this record. That is wrong. Ok, not everyone uses only dedicated servers for sending emails - in that case we may agree with softfail (~all) or neutral (?all). But not every email (+all), grrr :). I don't want reject emails from +spf domains, only add a few points, but only to the emails with "+all" 
  I tried "META ..." mentioned in some post, I'll see.
  Thanks
  J.K.


Cituji Martin Gregorie <mar...@gregorie.org>:


On Wed, 2012-07-11 at 21:34 +0200, Josef Karliak wrote:

Good evening,
   within a few days we've spams from domains that has "+all" in the
TXT spf record.


All SPF can do is check that the sender has a valid IP for that domain,
i.e. that the sender's domain wasn't forged. SPF cannot and should not
be used to flag mail as spam if the sender is a legitimate member of the
source domain. This is regardless of whether you think the mail as spam
or ham.

FWIW I think SPF's main use is in avoiding backscatter, e.g. if a
spammer forged your address as sender and his target domain is bouncing
rejected mail back to you. It does this well, but I don't think its of
any use at all for detecting spam other than possibly adding a few
points for an SPF-FAIL. However, as SPF records aren't necessarily
correct (they may never have been tested properly or possibly were not
updated with MX changes) how are you proposing to improve on what SA
currently does?


Martin







--
Ma domena pouziva zabezpeceni a kontrolu SPF (www.openspf.org) a
DomainKeys/DKIM (with ADSP) . Pokud mate problemy s dorucenim emailu,
zacnete pouzivat metody overeni puvody emailu zminene vyse. Dekuji.
My domain use SPF (www.openspf.org) and DomainKeys/DKIM (with ADSP)
policy and check. If you've problem with sending emails to me, start
using email origin methods mentioned above. Thank you.

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

Attachment: bin0r2ymivlVE.bin
Description: Veřejný PGP klíč

Reply via email to