spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nicola Piazzi <Nicola.Pia...@gruppocomet.it>
Subject R: R: A plugin to legitimate email when SPF and DKIM missing
Date Tue, 09 Aug 2016 15:19:08 GMT
I dont know if you want to find a solution of if you want to say why i am searching one.
Reason is this :
I have SPF_PASS, a variable that tell me that who send is proprietary of that domain
I KNOW PERFECTLY THAT SOMEONE CAN TELL SPAM WITH A PURCHASED REGULAR NON SPOOFED DOMAIN
But I can combine SPF_PASS with a list of email address, for example, but not all put SPF
in dns, so with MX I have another chance


Nicola Piazzi
CED - Sistemi
COMET s.p.a.
Via Michelino, 105 - 40127 Bologna - Italia
Tel.  +39 051.6079.293
Cell. +39 328.21.73.470
Web: www.gruppocomet.it



-----Messaggio originale-----
Da: Merijn van den Kroonenberg [mailto:merijn@web2all.nl] 
Inviato: martedì 9 agosto 2016 16:41
A: users@spamassassin.apache.org
Oggetto: Re: R: A plugin to legitimate email when SPF and DKIM missing

> On Tue, 9 Aug 2016 08:45:54 +0000
> Nicola Piazzi wrote:
>
>> whitelist_from_rcvd is intended to legitimate a single somain, 
>> specifiing domain by domain
>>
>> I need something that tell me that check all incoming email and say 
>> if the originating ip (or class c) is the same of mx record
>>
>> This can be intended like an SPF_PASS when people doesn t set spf at 
>> all.
>
> I think the reason that he mentioned whitelist_from_rcvd is that the 
> absence of SPF or DKIM doesn't score anything in any of the default 
> scoresets.
>

In fact SPF or DKIM does not tell us anything about spammy (or hammy) ness. Spammers use spf
and dkim too. The usefulness of DKIM and SPF is in combination with *specific* domains.

So your mx check would also be only useful in combination with *specific* domains. And when
you are doing specfic domains then you could just do whitelist_from_rcvd.

So I am not sure what your intention is with this MX check. Would you score senders who fail
it? Or would you blindly reward (whitelist) servers who match the MX subnet?



Mime
View raw message