Matthew(_dot_)van(_dot_)Eerde(_at_)hbinc(_dot_)com wrote:
Nah. Create SpamAssassin rules like
SPF_FORGERY_PROBABILITY_UNDER10
SPF_FORGERY_PROBABILITY_10TO40
SPF_FORGERY_PROBABILITY_60TO90
SPF_FORGERY_PROBABILITY_OVER90
that are worth positive or negative points.
Okay, I get it. But I don't see it as a big win. If I'm to the point
where I'm running SpamAssassin, that means I've at least already gotten
to the DATA phase of the connection. In that case, there are better
tools than SPF at my disposal, like Bayesian filtering. I see SPF as
mainly useful in the pre-DATA phase. I recognize there's room for
debate here, though.