Author: Peter Bowyer Date: To: Exim, Users Subject: Re: [exim] Exim4 + greylistd + spf
On 07/09/06, Kjetil Torgrim Homme <kjetilho@???> wrote: > On Thu, 2006-09-07 at 08:07 -0700, aurelien wrote:
> > Regarding the SPF, I must have expressed myself wrongly (my english is not
> > good at all). I do not want to reject all the mails that do not follow the
> > SPF, rather the opposite.
> > I would like all the mails that follow the spf to be automatically accepted
> > withiut needing to pass through the greylist.
>
> this may be a bad idea. the spammers were the first to configure SPF
> for their servers...
Correct. If you check SPF, you shouldn't regard an SPF Pass by itself
as an indication of the desirability of the mail - it's simply a data
point to add to the others.
An SPF Pass combined with a whitelist reputation system, however, can
be useful to use to bypass further checking on mail that SPF tells you
has definitely come from an organisation that your whitelist tells you
that you should trust. AOL does this, for example.
Equally, if SPF tells you that a mail has definitely come from someone
on your blacklist, you've more evidence for blocking it.