On 08/08, Quanah Gibson-Mount wrote:
> For SA 3.4.0, it says in 50_scores.cf:
>
> # SPF
> # Note that the benefit for a valid SPF record is deliberately minimal; it's
> # likely that more spammers would quickly move to setting valid SPF records
> # otherwise. The penalties for an *incorrect* record, however, are
> large. ;)
>
> However, ".001" does not seem LARGE to me at all. I would expect at
> least a "1". Right now there is tons of facebook spam out there
> that clearly fails SPF, such as the following:
>
>
> X-Spam-Status: No, score=2.407 tagged_above=-10 required=3
> tests=[BAYES_50=0.8, DKIM_ADSP_ALL=0.8, HTML_FONT_LOW_CONTRAST=0.001,
> HTML_MESSAGE=0.001, KHOP_BIG_TO_CC=0.001, RDNS_NONE=0.793,
> SPF_FAIL=0.001, T_HEADER_FROM_DIFFERENT_DOMAINS=0.01] autolearn=no
>
> How is .001 in any way considered a "large" penalty?

As has been said, SPF is kind of a terrible spam indicator:

http://ruleqa.spamassassin.org/?daterev=20130808-r1511618-n&rule=SPF_FAIL

  MSECS    SPAM%     HAM%     S/O    RANK   SCORE  NAME      WHO/AGE
      0   0.1057   1.4410   0.068    0.40    0.00  SPF_FAIL

That says it hits over 10x as large a portion of non-spam as spam.

The explanation for the quote is, quite simply, that it is out of date, and you should fix it.

-- 
"As humans, we are taught to forget that we are animals."
- forward to Johnny The Homicidal Maniac
http://www.ChaosReigns.com