Meng Weng Wong wrote:
but really the point of the report is to know when your legitimate
users
are all in the fold; knowing when joe-jobs happen isn't very useful.
which is why i thought once every 24 hours would be good enough.
Assuming you wait until they are all in the fold before changing
softdeny to deny, and since softdeny still delivers the email in
question and adds a Received-SPF header, could you not just parse all
incoming emails for this header and determine which were to be denied
based on the header?
Of course after going to full deny you would have no way of determining
denies, so the report mechanism still has merit, however most of the
discussion I've seen relating to it is for pre-sunrise identification of
misconfigurations.
---
Dustin D. Trammell
Vulnerability Remediation Alchemist
Citadel Security Software, Inc.
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)½§Åv¼ð¦¾Øß´ë�ù1I�í-»F�qx(_dot_)com