I wonder if any of you have done any analysis of how much spam email is SPF-valid?
For many years, one of my main spam defences has been a reasonably aggressive greylisting strategy. This works well at never seeing the spam from the "fire-and-forget" spambots, but it has the downside of occasionally delaying genuine mail by a few minutes (or up to an hour, depending on the sending MTA's retry strategy), which is particularly annoying when the genuine mail is sending me a one-time code. Of course, the greylisting doesn't work on any spambot that works like a real MTA and retries. So I was wondering what difference it would make if I exempted SPF-valid mail from greylisting. Does one see lots of fire-and-forget but SPF-valid spam? (And the reason I'm asking rather than measuring is that I would have to go to the trouble of setting up SPF - I run Debian, and haven't yet found the need to switch to stock Exim where SPF is a simpler setup.) Julian. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
