Marrco wrote:
When the SPF check gets anything other than "Pass", RBL and URIBL
work as they should. When SPF returns a "Pass", RBL and URIBL are
skipped.
It is not a bug, it was designed that way.
Is it wrong to skip RBL and URIBL, when the IP is postively verified
by SPF? I do not think so.
Wow, so all a spammer has to do is put a TXT record for spamdomain.com with
v=spf1 +all
And all botnets on dynamic blacklisted IP space will automagically bypass
DNSbl and URIbl ?
It looks to me broken by designs, but maybe I just don't understand your
logic. Comments anyone ?
I have to agree. SPF is not an anti-spam measure. It's simply a
validation that a certain hostname can send mail for a certain domain.
It's great for stopping mailers from spoofing domains, as spammers are
often wont to do. However, it tells us nothing about the spam/nonspam
nature of a mailserver.
Skipping the RBL on positive SPF check is a broken design.
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Assp-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-user
