On Sun, 26 Nov 2017, Axb wrote:
On 11/26/2017 06:04 PM, Dave Jones wrote:
The current 60_whitelist_spf.cf is 11 years old. What does everyone think
about starting a 60_whitelist_auth.cf and extending this list to known
good senders like *@alertsp.chase.com and *@email.dropboxmail.com?
My SA platform has very good results with thousands of whitelist_auth
entries but 98% of the SA users are not going to know to create/manage
these entries themselves. Combined with other rules this also helps with
spoofing legit senders like the IRS, Bank of America, etc. I am not
suggesting we put thousands of entries in the new 60_whitelist_auth.cf but
the common, high-profile, large senders that often get spoofed.
The current list of def_whitelist_from_spf entries is very beneficial and
should be extended now that SPF and DKIM are widely deployed and are being
taken seriously by the major mail hosting providers like Google.
+1
Pls remember the "ifplugin" :)
+1 as well.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
[email protected] FALaholic #11174 pgpk -a [email protected]
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Men by their constitutions are naturally divided in to two parties:
1. Those who fear and distrust the people and wish to draw all
powers from them into the hands of the higher classes. 2. Those who
identify themselves with the people, have confidence in them,
cherish and consider them as the most honest and safe, although not
the most wise, depository of the public interests.
-- Thomas Jefferson
-----------------------------------------------------------------------
241 days since the first commercial re-flight of an orbital booster (SpaceX)
