-----Original Message-----
From: Stuart D. Gathman [mailto:stuart(_at_)bmsi(_dot_)com]
o SPF and MAIL FROM (and HELO) are very useful for
whitelisting and blacklisting senders. When you whitelist a
sender, you don't want to whitelist forgeries. When you
blacklist a sender, you want to make sure it wasn't forged first.
Agreed, and as an example:
SpamAssassin (now) offers whitelist_from_rcvd (and
blacklist_from_rcvd) but this requires a pair of
parameters: from and received-from
This means that the exact (or wildcarded) transmitting
server must be supplied as the received-from portion.
With SPF one could imagine (new) tests, such as:
whitelist_from_SPF_pass
whitelist_from_SPF_pass
whitelist_from_SPF_nopass
This would cover mail from a particular addres IF
the SPF was also validated, rather than by trying
to name (or write a pattern) for all sending servers.
FYI: My (LearnQuick.Com) SPF now passes even the "too
many lookups test, AND seems to be covering all possible
servers AND changes my ISP might make to our outbound
SmartHosts.
--
Herb Martin