[Bug 4811] whitelist_from_spf should behave as whitelist_from if sender domain does not have spf

bugzilla-daemon Mon, 27 Feb 2006 17:18:29 -0800

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4811



[EMAIL PROTECTED] changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|normal                      |enhancement




------- Additional Comments From [EMAIL PROTECTED]  2006-02-28 02:17 -------
I'm inclined to say no, the primary reason being:

scotiabank.com.         600     IN      TXT     "v=spf1 ip4:205.210.222.131
ip4:205.210.222.132 ip4:205.210.223.9 ip4:205.210.223.10 ~all"

What happens when I either can't resolve my bank's SPF record, or they stop
publishing it?  Users still get the mail whitelisted, even phish forging the
domain.  IMO that's worse than any of the situations above.

whitelist_from_spf is meant to be a reliable means of whitelisting a sender. 
Falling back to whitelist_from (which is best never used) does nothing for the
reliabilty of whitelist_from_spf.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 4811] whitelist_from_spf should behave as whitelist_from if sender domain does not have spf

Reply via email to