Yes, we use SPF in Exim here. Basically, we just reject anything that gets an SPF fail. We have however also had to create a 'white list' of external senders that send on our behalf to us, using our domain names. We are rejecting several hundred thousand messages a week, about 50%. Most of the rejects are spam using our domain names as the supposed sender.
Dan Sent by: [email protected] To: [email protected] cc: (bcc: Dan Mitton/YD/RWDOE) Subject: [exim] Exim and SPF LSN: Not Relevant - Not Privileged User Filed as: Excl/AdminMgmt-14-4/QA:N/A Is anyone using SPF in Exim? I'm still trying to figure out a use for it. One thing I thought of is a way of determining who is forwarding email. If SPF doesn't match but the email is clearly not spam then the sending host might be forwarding email and might make it on a list of legit forwarders. Might be a way of detecting spammers who use SPF by the hosts they reference in their SPF record. I might send out notices to those with too restrictive of SPF that their email might bounce if the recipient uses hosted spam filtering. What are the rest of you doing with SPF? -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/ -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
