Milter-greylist

On Sun, Apr 29, 2007 at 05:02:22PM +0200, Seth Mos wrote:
> Seriously though, you should allow as much mail as you can without delay
> if you can verify the sending party. If the spf record matches it is very
> likely that the sending party is a normal mail server and you would get
> the message anyways.

A spammer can operate by usurpating a sender address within a domain where
SPF allows mail from any source.

I think you can use SPF as a very sharp negative hint: if it fails, then 
the mail should probably be rejected. If it passes, and if it is in some
domain you know for having a restricted set of senders in the SPF record, 
then you should probably whitelist. In other cases, I'm not sure it should
weight in either side.

-- 
Emmanuel Dreyfus
manu@...