Dňa 8. januára 2022 15:27:45 UTC používateľ Julian Bradfield via Exim-users <exim-users@exim.org> napísal:
>So I suppose the question is: if I drop the master-source-built binary >on top of the Debian one, what can I expect to break? IMO nothing will break, except two things: + many ACL & routers presets, which may be missing in default config -- carefuly check after change + security updates from debian -- you will have to watch and apply them by self AFAIK spfquery is used in debian's exim for years, thus i am confused, why it is problem for you right now, especially when most important sites uses SPF in conjunction with DMARC, and you will have problem to build exim with DMARC support in debian after buster, as it has new version of DMARC lib, which fails to build with exim (it requires <1.4). Anyway, checking (pure) SPF only for DMARC enabled sites can leads to false positive/negative results, especially with forwarding... Phishers already know that RFC5321_From is not shown for users, thus can be set to something which will pass SPF, i see them daily... I abandon rejecting mails based on SPF fail some time ago, for now it is logged only (and filled into A-R header) and i do not remember any one failed SPF, which is not rejected latter due multiple RBL listing... For full SPF/DKIM/DMARC chceks i use rspamd... regards -- Slavko -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/