Sam Varshavchik wrote: > Ricardo Kleemann writes: > >> Hi, I have SPF configured as follows: opt >> BOFHSPFHELO=pass,none,neutral,softfail,unknown >> opt BOFHSPFMAILFROM=pass,none,neutral,softfail,unknown
I'd also add "error" there, as a precaution >> opt BOFHSPFFROM=pass,none,neutral,softfail,unknown I'd also add "error,mailfromok" there, as a precaution >> opt BOFHSPFTRUSTME=1 >> >> Then I received a spam as if coming from myself, so I went to check >> the headers, I see the SPF headers all stating that SPF check does not >> pass. >> Old-Received-SPF: softfail (Address does not pass the Sender Policy >> Framework) >> SPF=MAILFROM; > > "softfail" is listed in BOFHSPFMAILFROM, so this check passes. > > If you do not want to accept messages that evaluate to "softfail", for > their MAIL FROM address, remove "softfail" from BOFHSPFMAILFROM. Alternatively, terminate the record with -all rather than ~all. Rejecting only on a loud and clear "fail" is the common practice. See http://spf-all.com/ for statistics. ------------------------------------------------------------------------------ Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
