On 11/26/2017 12:04 PM, Dave Jones wrote:
The current 60_whitelist_spf.cf is 11 years old. What does everyone
think about starting a 60_whitelist_auth.cf and extending this list to
known good senders like *@alertsp.chase.com and *@email.dropboxmail.com?
My SA platform has very good results with thousands of whitelist_auth
entries but 98% of the SA users are not going to know to create/manage
these entries themselves. Combined with other rules this also helps
with spoofing legit senders like the IRS, Bank of America, etc. I am
not suggesting we put thousands of entries in the new
60_whitelist_auth.cf but the common, high-profile, large senders that
often get spoofed.
The current list of def_whitelist_from_spf entries is very beneficial
and should be extended now that SPF and DKIM are widely deployed and
are being taken seriously by the major mail hosting providers like
Google.
+1
KAM
