> My SA platform has very good results with thousands of whitelist_auth entries > but 98% of the SA users are not going to know to create/manage these entries > themselves. Combined with other rules this also helps with spoofing legit > senders like the IRS, Bank of America, etc. I am not suggesting we put > thousands of entries in the new 60_whitelist_auth.cf but the common, > high-profile, large senders that often get spoofed.
Make it dynamic? At dnswl.org we now also provide domain-based trust info (which should only be applied to properly authenticated domains, obviously). — Matthias
