> Is SPF the best way to handle bogus emails that came from whitelisted > addresses? For instance, I have a popular banking website whitelisted, > but occasionally will receive spam from the address that I whitelisted > that obviously isn't from the bank.
Could I know the domain name for that bank ? Asking that, since in some cases, even if the bank doesn't publish an SPF record (which in the case of banks and the like would be a *GOOD* idea) you may use the senderbase whitelisting (latest 1.5.1 has it) to whitelist all the IPs belonging to that bank w/o having to whitelist an address... which may be spoofed :) the same goes for a number of organizations, you may set then up to "SPF strict" and then add their senderbase description (or regepx) to ASSP so that you'll receive all the valid emails from them but you'll also drop all spoofed ones :) ------------------------------------------------------------------------------ Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
