einot / gross

Automatically exported from code.google.com/p/gross
Other
1 stars 2 forks source link

SPF check Whitelisting #83

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
What's the problem with the current implementation?
The problem is related to some well known hosts which has SPF records
verified but still greylisting them like gmail or yahoo.

What would you like to be done?
I saw that there is SPF check implementation in svn version. I want to
suggest that to put SPF check whitelisting option there too. It means that
if it checked and verified the SPF record of the domain with the connecting
host with Success then there is no need to still greylist the connection,
it can be accepted.

Original issue reported on code.google.com by hash...@gmail.com on 28 Nov 2009 at 9:10

GoogleCodeExporter commented 9 years ago
What you request would actually be a bug, not a feature: Just because domain X 
has an SPF record, and just because an e-mail from X validates against their 
own SPF record, does NOT mean, it is not spam. Only a fraction of the spammers 
care to go to that length to register their own domains and set up an SPF 
records, but some do. Most of these spam domains are rather short lived.

What I recommand, though, is to use SPF the other way round: If the envelope 
from sender's domain has an SPF record, and if that does not match against the 
sender's IP address, then that e-mail should be greylisted even, if none of the 
DNSBL matches or even an DNSWL matches.

Original comment by pet...@teltarif.de on 15 Jul 2012 at 12:55