Am 06.01.2015 um 01:32 schrieb RW:
On Tue, 06 Jan 2015 00:46:18 +0100 Reindl Harald wrote:Am 06.01.2015 um 00:06 schrieb RW:On Mon, 05 Jan 2015 22:58:55 +0100 Reindl Harald wrote:Am 05.01.2015 um 22:54 schrieb Benny Pedersen:Reindl Harald skrev den 2015-01-05 18:52:how can "SPF_HELO_PASS,SPF_NONE" fire both?the above is 2 diff testsi know that by myself *but* if the sending domain does not publish any SPF policy then there should be no positive score for "SPF_HELO_PASS"It doesn't have a positive score: score SPF_HELO_PASS -0.001that is a positive score in context of "less spam probability" just because somebody sends a HELO command - frankly all day long zombies send HELO commands of known domains up to fake PTR's if the envelope domain don't push a SPF policy *only* NO_SPF should hitAs I pointed-out the -0.001 is a nominal score assigned to informational rules
yes and no, having 10 wrong informational hits and you are at -0.01 and may make the difference between tag-level or not
The point of helo tests is when they fail. If a compromised host is telling you it's not permitted to send email then what does it matter if the (probably spoofed) envelope domain doesn't have an SPF policy
it's a matter of technical correctness no SPF on the envelope domain, no SPF * OK: SPF_PASS * OK: SPF_PASS,SPF_HELO_PASS * OK: SPF_NONE * WRONG: SPF_NONE,SPF_HELO_PASS one can argue about the severity but the correctness is out of question
signature.asc
Description: OpenPGP digital signature
