Auteur: David Woodhouse Date: À: Marc Perkel CC: exim-users Sujet: Re: [exim] SPF Question
On Sun, 2005-01-02 at 14:23 -0800, Marc Perkel wrote: > OK - I suppose if they looked at all the received headers and if any
> matched the SPF record then maybe it would be at least partially useful?
> Is there anything about SPF that is useful? I'm looking for ne tricks
> and this looks like a dead end to me.
SPF can't definitively state that a mail is faked. What it _can_ do is
tell you that a mail is definitely originating from an authorised
sender. Basically it can only say either "yes" or "maybe"; it can't
truthfully say "no" for an address which really does send mail.
Unfortunately it's a "no" which is the really useful result; the result
which SPF can't truthfully offer. Because it's a "no" which tells you
that you can reject the mail.
It's like having a whitelist instead of a blacklist. All you can do is
save yourself a little CPU time by not bothering to run SpamAssassin
over mail from known domains where there's an SPF 'pass' result.
Obviously that's for known domains only -- not just any domains. Lots of
spam has an SPF 'pass' too.
So it has a use, but it's _extremely_ limited and not really worth the
effort. You certainly shouldn't be rejecting for an SPF 'fail' result.