Milter-greylist

--- In milter-greylist@yahoogroups.com, manu@... wrote:
>
> Jim Hermann <hostmaster@...> wrote:
> 
> > Can I substitute a different IP Address in this racl?
> > Like this:
> > racl blacklist spf  123.123.123.123 msg "your SPF record is wide 
open"
> 
> Not yet, but that's something that would be desirable to implement.

I don't think that the spf self check will be too useful.  I imagine that 
almost everyone has authorized more than one email server to send 
email on behalf of their domain name.  If one authorized email server 
receives email from another authorized email server, the spf self check 
will fail. 

For example, here is the SPF records for sourceforge.net:

sourceforge.net.        7200    IN      TXT     "v=spf1 
redirect=_spf.sourceforge.com"

_spf.sourceforge.com.   7200    IN      TXT     "v=spf1 
ip4:66.35.250.0/24 ip4:12.31.165.64/27 ip4:208.48.95.16/28 
include:gmail.com ?all"

gmail.com.              139     IN      TXT     "v=spf1 
redirect=_spf.google.com"

_spf.google.com.        99      IN      TXT     "v=spf1 ip4:216.239.32.0/19 
ip4:64.233.160.0/19 ip4:66.249.80.0/20 ip4:72.14.192.0/18 
ip4:209.85.128.0/17 ip4:66.102.0.0/20 ip4:74.125.0.0/16 ?all"

Jim