On Fri, Jun 25, 2004 at 04:02:00AM -0700, David Lawless wrote:
|
| I'm thinking I'd like to configure SPF on our MTA to block *all*
| mail that does not get a "pass" rating from SPF and doesn't also
| pass one of the better RHSBLs. Since messages will bounce
| immediately, the sender will know and can simply pick up the
| telephone and call. I'll mention that in the rejection message!
| If they can't manage to publish SPF or use a telephone, we can
| live without their correspondence.
Mail::SPF::Query provides this option:
fallback => { "foo.com" => { record => "v=spf1 a mx -all", OPTION =>
VALUE },
"*.foo.com" => { record => "v=spf1 a mx -all", OPTION =>
VAULE }, },
So you can configure a fallback for "*." to be "v=spf1 a/24 mx/24 ptr -all"
But you might want to set this up in testing mode to see
what breaks --- what you've proposed is pretty extreme for 2004.