On Sat, Mar 21, 2009 at 03:03:23PM +0600, Sergey Kogan wrote:
>
> I've been experimenting with SPF policy check to drive away spf-aware
> spammers who register bogus 2-nd/3-rd level domains and activate +all
> SPF policy on them. The idea is simple:
>
> - Check incoming IP address against domain SPF policy. Fail if this IP
> is not permitted.
> - \u0421heck some bogus IP-address against the same domain SPF policy. Fail
> if this IP is permitted.
Are you looking for `spf self'?
spf This is used to test SPF status. Possible values are pass, soft\u2010
fail, fail, unknown, error, none, and self. The first six val\u2010
ues are plain SPF validation status. The self value is a special
test that checks the server's local IP address against the
sender's SPF record. If that test validates, odds are good that
the sender SPF record is wide open, and this is hint that SPF
should not be trusted.
> After about a month with a modified spf check it seems that nothing is
> broken, and I have no more spam from domains with too permissive SPF policy.
What about spam from domains with restrictive SPF policies? SPF pass
means nothing nowadays.
Petar BogdanovicMessage
Re: [milter-greylist] SPF improvement
2009-03-21 by Petar Bogdanovic