Am 07.01.2015 um 14:47 schrieb Matus UHLAR - fantomas:
what if there would be SPF_HELO_FAIL?
SA would not be called at all
Maybe you could disable checking SPF_HELO, but some of us don't want that.
the question is who are "some" and who are the majorityyou can even socre "SPF_HELO_SOFTFAIL" and "SPF_HELO_FAIL" *without* end in "SPF_HELO_PASS,SPF_NONE"
meta __SPF_FULL_PASS 0 meta __SPF_RANDOM_SENDER 0 score SPF_HELO_PASS 0 score SPF_NONE 0.05 score SPF_PASS -0.05 score SPF_HELO_SOFTFAIL 0.5 score SPF_HELO_FAIL 1.5
You can _NOT_ know if SPF HELO fails before you do the test
if it fails the message get rejected before SAwhat i want to avoid is such envelope-independent tests giving a message pointless positive karma
...and if it's the policyd who checks for SPF on your system, it's too late to blame SA
for SPF hard fail SA comes too late, HELO-SPF SOFTFAIL is pointless because it's testing anyways and a wrong default of policyd-spf was the first false positive of a billing mail on day one with the new MX system months ago (SPF_Not_Pass includes SOFTFAIL)
# HELO check rejection policy. Options are:# HELO_reject = SPF_Not_Pass (default) - Reject if result not Pass/None/Tempfail
signature.asc
Description: OpenPGP digital signature
