Em Wed, 11 Jul 2012 18:22:49 -0400 dar...@chaosreigns.com escreveu: > On 07/11, Josef Karliak wrote: > > within a few days we've spams from domains that has "+all" in the > > TXT spf record. I was thinking that I'll make a plugin that check > > this records and add some point to this email, but I do not know > > Your best chance may be to open a spamassassin bug requesting it. I'd > guess it wouldn't be too hard to add to the existing SPF plugin. The > more information you can provide showing this happens with spam, and > does not tend to happen with non-spam, the better. It would get run > through the re-scoring process with a testing flag to determine if > it's actually useful, and what the optimal score is, before being > published via sa-update. Well, you'd also need to update your SPF > plugin to be able to use it.... > > "v=spf1 +all" > The domain owner thinks that SPF is useless and/or doesn't care. > - http://www.openspf.org/SPF_Record_Syntax > > That's a *really* unprofessional way to say "Everything in this domain > passes SPF." > >
right, or better, this domain is using spf only for having it, means nothing ... IMO any of this spf politic options + ? ~ are making the SPF record worthless but I think the -all option should be considered as valid, because at least the sys-admin gives instruction to reject what is not defined by his SPF record. So it should be treated by the receiver MTA as it is meant. Hans -- XTrade Assessory International Facilitator BR - US - CA - DE - GB - RU - UK +55 (11) 4249.2222 http://xtrade.matik.com.br