> On Tue, 9 Aug 2016 08:45:54 +0000 > Nicola Piazzi wrote: > >> whitelist_from_rcvd is intended to legitimate a single somain, >> specifiing domain by domain >> >> I need something that tell me that check all incoming email and say >> if the originating ip (or class c) is the same of mx record >> >> This can be intended like an SPF_PASS when people doesn t set spf at >> all. > > I think the reason that he mentioned whitelist_from_rcvd is that the > absence of SPF or DKIM doesn't score anything in any of the default > scoresets. >
In fact SPF or DKIM does not tell us anything about spammy (or hammy) ness. Spammers use spf and dkim too. The usefulness of DKIM and SPF is in combination with *specific* domains. So your mx check would also be only useful in combination with *specific* domains. And when you are doing specfic domains then you could just do whitelist_from_rcvd. So I am not sure what your intention is with this MX check. Would you score senders who fail it? Or would you blindly reward (whitelist) servers who match the MX subnet?
