On 11/26/2017 06:04 PM, Dave Jones wrote:
The current 60_whitelist_spf.cf is 11 years old. What does everyone
think about starting a 60_whitelist_auth.cf and extending this list to
known good senders like *@alertsp.chase.com and *@email.dropboxmail.com?
My SA platform has very good results with thousands of whitelist_auth
entries but 98% of the SA users are not going to know to create/manage
these entries themselves. Combined with other rules this also helps
with spoofing legit senders like the IRS, Bank of America, etc. I am
not suggesting we put thousands of entries in the new
60_whitelist_auth.cf but the common, high-profile, large senders that
often get spoofed.
The current list of def_whitelist_from_spf entries is very beneficial
and should be extended now that SPF and DKIM are widely deployed and are
being taken seriously by the major mail hosting providers like Google.
Thanks,
Dave
And maybe make the file optional & dump it in
/trunk/rules-extras/ ???
Axb
