Em Wed, 11 Jul 2012 18:22:49 -0400
dar...@chaosreigns.com escreveu:

> On 07/11, Josef Karliak wrote:
> >   within a few days we've spams from domains that has "+all" in the
> > TXT spf record. I was thinking that I'll make a plugin that check
> > this records and add some point to this email, but I do not know
> 
> Your best chance may be to open a spamassassin bug requesting it.  I'd
> guess it wouldn't be too hard to add to the existing SPF plugin.  The
> more information you can provide showing this happens with spam, and
> does not tend to happen with non-spam, the better.  It would get run
> through the re-scoring process with a testing flag to determine if
> it's actually useful, and what the optimal score is, before being
> published via sa-update.  Well, you'd also need to update your SPF
> plugin to be able to use it....
> 
>   "v=spf1 +all"
>    The domain owner thinks that SPF is useless and/or doesn't care.
> - http://www.openspf.org/SPF_Record_Syntax
> 
> That's a *really* unprofessional way to say "Everything in this domain
> passes SPF."
> 
> 

right, or better, this domain is using spf only for having it, means
nothing ...

IMO any of this spf politic options + ? ~ are making the SPF record
worthless

but I think the -all option should be considered as valid, because at
least the sys-admin gives instruction to reject what is not defined by
his SPF record. So it should be treated by the receiver MTA as it is
meant.


Hans







-- 

XTrade Assessory
International Facilitator
BR - US - CA - DE - GB - RU - UK
+55 (11) 4249.2222
http://xtrade.matik.com.br

Reply via email to