On 26 Nov 2017, at 20:00 (-0500), John Hardin wrote:
On Sun, 26 Nov 2017, Axb wrote:
On 11/26/2017 06:04 PM, Dave Jones wrote:
The current 60_whitelist_spf.cf is 11 years old. What does everyone think about starting a 60_whitelist_auth.cf and extending this list to known good senders like *@alertsp.chase.com and *@email.dropboxmail.com?
My SA platform has very good results with thousands of whitelist_auth entries but 98% of the SA users are not going to know to create/manage these entries themselves. Combined with other rules this also helps with spoofing legit senders like the IRS, Bank of America, etc. I am not suggesting we put thousands of entries in the new 60_whitelist_auth.cf but the common, high-profile, large senders that often get spoofed.
The current list of def_whitelist_from_spf entries is very beneficial and should be extended now that SPF and DKIM are widely deployed and are being taken seriously by the major mail hosting providers like Google.
+1
Pls remember the "ifplugin" :)
+1 as well.
Conditional +1 from me...
Any whitelisting in the default ruleset should carry MUCH lower weight
than local explicit whitelisting. See scoring for USER_IN_* rules as a
template. Frankly, half of the 6 entities in today's commit have spammed
me personally AND hit pure spamtraps multiple times over the space of
years. While I will stipulate that they mostly send legit mail to people
who want it, I also know with absolute certainty that they also send
mail to people who they have no business mailing and repeatedly to
addresses that no legitimate sender would try sending to more than once.
NO sender should get a default -100 just because we (SA maintainers)
think they generally mean well.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole