There is no general option to do this. use 'blockstrictSPFRe' and all mails (from a domain that in there) with failing SPF will be blocked. If you want to skip some test for this domain use the 'skip....' or 'DoNot...' functions in any section you want. It is possible to write on file with such domains and to include this file in any option you want.
Or you can set the domain to noprocessing , set 'SPFNP' and use 'blockstrictSPFRe'. Thomas Von: K Post <[email protected]> An: ASSP development mailing list <[email protected]> Datum: 19.01.2010 19:24 Betreff: Re: [Assp-test] Antwort: noprocess message if SPF passes for a domain Thanks Thomas, but I think I'm looking for slightly different functionality. I'm looking to outright ALLOW mail only for certain domains if the SPF verifies. If SPF verifies for these domains, let the mail through, ignore dnsbl, ignore bayesian, and noprocess. It would be even better if we could still do uribl filtering on these though. The scenario is still facebook. Allow a message through that is sent through facebook no matter what UNLESS a url that's in there is known to be bad (which happens with hijacked facebook accounts). On Tue, Jan 19, 2010 at 12:22 PM, Thomas Eckardt/eck <[email protected]> wrote: > I think 'blockstrictSPFRe' will do what you want. In an other way - but it > is possible. > If you don't want to collect SPF blocked mails configure 'SPFfailLog'. > > Thomas > > > > > Von: K Post <[email protected]> > An: ASSP development mailing list <[email protected]> > Datum: 19.01.2010 16:41 > Betreff: [Assp-test] noprocess message if SPF passes for a domain > > > > I'm having some trouble with our users getting facebook messages and > looking for suggestions on how to fix this. > > Do you think it's a good idea to "no process" message from facebook? > We do see lots of bogus messages from @facebook.com senders, that > don't pass spf validation. Language is the same as the real facebook > messages, just with bad links. These get blocked, which is why lots > of legitimate facebook messages also get blocked. > > What I'd like to do is allow @facebook.com messages to get through as > long as the SPF matches. I'd use noprocessing so they don't add to > the corpus. > > The problem is that I don't think there's a way to do this with the > current v2 of assp. > > How difficult would it be to have a list of domain names (with > wildcard functionality, so *.facebook.com) that match either the mail > from or from lines and have it be that as long as SPF matches, the > message goes through, with no processing? Maybe extend that > functionality to have another list that if the same criteria is met, > it's considered whitelisted. This is sort of like our own internal > senderbase that relys on spf. > > Thanks for the insight. > > ------------------------------------------------------------------------------ > Throughout its 18-year history, RSA Conference consistently attracts the > world's best and brightest in the field, creating opportunities for > Conference > attendees to learn about information security's most important issues > through > interactions with peers, luminaries and emerging and established > companies. > http://p.sf.net/sfu/rsaconf-dev2dev > _______________________________________________ > Assp-test mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/assp-test > > > > > DISCLAIMER: > ******************************************************* > This email and any files transmitted with it may be confidential, legally > privileged and protected in law and are intended solely for the use of the > > individual to whom it is addressed. > This email was multiple times scanned for viruses. There should be no > known virus in this email! > ******************************************************* > > > ------------------------------------------------------------------------------ > Throughout its 18-year history, RSA Conference consistently attracts the > world's best and brightest in the field, creating opportunities for Conference > attendees to learn about information security's most important issues through > interactions with peers, luminaries and emerging and established companies. > http://p.sf.net/sfu/rsaconf-dev2dev > _______________________________________________ > Assp-test mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/assp-test > ------------------------------------------------------------------------------ Throughout its 18-year history, RSA Conference consistently attracts the world's best and brightest in the field, creating opportunities for Conference attendees to learn about information security's most important issues through interactions with peers, luminaries and emerging and established companies. http://p.sf.net/sfu/rsaconf-dev2dev _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! ******************************************************* ------------------------------------------------------------------------------ Throughout its 18-year history, RSA Conference consistently attracts the world's best and brightest in the field, creating opportunities for Conference attendees to learn about information security's most important issues through interactions with peers, luminaries and emerging and established companies. http://p.sf.net/sfu/rsaconf-dev2dev _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
