spf-discuss

RE: Re: SPF implementations

2005-08-16 11:53:57
-----Original Message-----
From: Stuart D. Gathman [mailto:stuart(_at_)bmsi(_dot_)com] 

o SPF and MAIL FROM (and HELO) are very useful for 
whitelisting and blacklisting senders.  When you whitelist a 
sender, you don't want to whitelist forgeries.  When you 
blacklist a sender, you want to make sure it wasn't forged first.

Agreed, and as an example:

SpamAssassin (now) offers whitelist_from_rcvd (and 
blacklist_from_rcvd) but this requires a pair of 
parameters:  from and received-from

This means that the exact (or wildcarded) transmitting
server must be supplied as the received-from portion.

With SPF one could imagine (new) tests, such as: 

        whitelist_from_SPF_pass 
        whitelist_from_SPF_pass 
        whitelist_from_SPF_nopass

This would cover mail from a particular address IF
the SPF was also validated, rather than by trying
to name (or write a pattern) for all sending servers.

FYI:  My (LearnQuick.Com) SPF now passes even the "too
many lookups" test, AND seems to be covering all possible
servers AND changes my ISP might make to our outbound
SmartHosts.

--
Herb Martin
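
The whitelist-only-when-SPF-passes idea from the message above, as an added Python example that is not part of the original post and is not SpamAssassin code. The policy list, function names and sample messages are hypothetical and constructed; it assumes the receiving MTA prepends its own Received-SPF header and records MAIL FROM in Return-Path.

```python
import email
from fnmatch import fnmatchcase

# Hypothetical policy list (not SpamAssassin syntax): envelope senders that are
# whitelisted only when SPF validated the sending server.
WHITELIST_IF_SPF_PASS = ["*@example.com", "news@lists.example.org"]

def spf_result(msg):
    """Result keyword of the topmost Received-SPF header, or 'none'.

    Assumption: the local MTA prepends its own header, so only the first one
    is trusted; any further ones may have been supplied by the sender.
    """
    headers = msg.get_all("Received-SPF") or []
    words = headers[0].split() if headers else []
    return words[0].lower() if words else "none"

def envelope_sender(msg):
    """MAIL FROM address as recorded in Return-Path by the local MTA."""
    return (msg.get("Return-Path") or "").strip().strip("<>").lower()

def whitelisted(raw_message, patterns=WHITELIST_IF_SPF_PASS):
    """True only if the sender matches a pattern AND SPF returned pass."""
    msg = email.message_from_string(raw_message)
    sender = envelope_sender(msg)
    if not any(fnmatchcase(sender, p.lower()) for p in patterns):
        return False
    return spf_result(msg) == "pass"

# Constructed sample messages (documentation addresses, not real traffic).
GENUINE = ("Return-Path: <alice@example.com>\n"
           "Received-SPF: pass (mx.local: 192.0.2.10 is permitted)\n"
           "Subject: report\n\nbody\n")
FORGED = ("Return-Path: <alice@example.com>\n"
          "Received-SPF: fail (mx.local: 203.0.113.7 is not permitted)\n"
          "Received-SPF: pass (header supplied by the sender)\n"
          "Subject: invoice\n\nbody\n")
UNLISTED = ("Return-Path: <bob@example.net>\n"
            "Received-SPF: pass (mx.local: 198.51.100.4 is permitted)\n"
            "Subject: hello\n\nbody\n")

if __name__ == "__main__":
    for name, raw in [("genuine", GENUINE), ("forged", FORGED), ("unlisted", UNLISTED)]:
        print(name, whitelisted(raw))
```

No sending server is named anywhere in the policy; the forged message is rejected from the whitelist because the locally added SPF result is fail, even though a second, sender-supplied header claims pass.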