Where is this senderbase whitelist you're referring to? I don't see it in the ASSP interface.
-----Original Message----- From: GrayHat [mailto:[email protected]] Sent: Tuesday, February 24, 2009 12:53 AM To: [email protected] Subject: Re: [Assp-user] Avoiding Whitelisted Spam -- What about legitimate incoming mail from non-MX servers? >> ;; ANSWER SECTION: >> 76.214.244.199.test.senderbase.org. 20220 IN TXT "0-0=1|1=Capital One Financial|>> 2=3.8|3=4.7|4=701310|5=CommercialBanks|6=1097799144|7=4|8=1544| Financial|>> 9=1|10=Y|20=iron01.|21=capitalone.com|22=Y|23=3.8|24=4.7|25=104 Financial|>> 9184000|41=1.6|43=1.2|440.25|45N|46=21|48=24|49=1.00|50=Richmon Financial|>> d|51=VA|53=US|54=-77.4801|" > Perhaps there is something that I am failing to understand, but I > don't see how this is safe. The MX servers are the machines to > which your mail to the company should be directed. All you've > proven is that the MX servers belong to the company. No :) I've performed the test on the MX just to find out the orgname in senderbase, after that, I've added the senderbase "orgname" to the ASSP "senderbase whitelist" so that *ANY* IP address which belongs to that orgname will be considered whitelisted; you were probably confused by the MX lookup which in reality was just a way to find out those infos; then there's the "SPF strict"; since the capitalone.com domain publishes an SPF record but since they used "~all" in place of "-all" we may add an additional layer of filtering by adding the domain to the "SPF strict" ones so that the ASSP will consider that "~all" as a "-all"; so, we have a whitelist (senderbase) and a tighter SPF check and both together usually (in my experience) work well enough; sure it isn't a "silver bullet" yet the approach helps avoiding spoofed spam ------------------------------------------------------------------------------ Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
