Robert Fitzpatrick wrote:
Joe Quinn wrote:
On 6/9/2016 11:23 AM, Robert Fitzpatrick wrote:
Excuse me if this is too lame a question, but I have the SPF plugin
enabled and it hits a lot. Should SPF_ something hit on every message
if the domain has an SPF record in DNS?
Furthermore, a message found as Google phishing did not get a hit on a
email address where the domain has SPF setup. Not sure if it would
fail anyway if the envelope from is the culprit?
In a perfect world, every message you scan will hit one of the following:
SPF_HELO_NONE
SPF_HELO_NEUTRAL
SPF_HELO_PASS
SPF_HELO_FAIL
SPF_HELO_SOFTFAIL
T_SPF_HELO_PERMERROR
T_SPF_HELO_TEMPERROR
And additionally one of the following:
SPF_NONE
SPF_NEUTRAL
SPF_PASS
SPF_FAIL
SPF_SOFTFAIL
T_SPF_PERMERROR
T_SPF_TEMPERROR
I finally was able to get SPF checks to be more reliable by making sure
Postfix SPF policies were in place. Here is a good read ....
https://github.com/mail-in-a-box/mailinabox/issues/698
Excerpt: It's worth noting that lack of postfix's spf checker renders
spamassassin's flagging impaired because without it spamassassin in my
case is only adding helo_pass and that's all regarding spfs.
Once we got Postfix SPF checks setup using the Python version and
disabling rejects in the config, we now have headers we can be sure are
handled by our custom rules in addition to any SA checks.
--
Robert
