Le 7 nov. 06 à 23:02, Leonardo Rodrigues Magalhães a écrit : > > > Xavier Beaudouin escreveu: >> Hi there, >> >> Hum... Is there any plans to add SPF support and use it to >> autowhitelist some trusted / big mail farms (eg for example >> gmail.com, aol.com, etc...).. >> >> Eg : if IP is in the whitelist of SPF record, then whitelist the ip >> without adding it manualy in the sql db ? >> > > Getting OK for SPF records is not as good as some may think. > Getting > a NOT-OK is bad, but getting OK doesnt means it's good mail. > > Spammers can easily setup a domain and get a SPF record or they > can > even spoof a domain which doesnt published a SPF record. > > With the actual whitelist features from policyd i can successfully > whitelist big ISPs/farms with no problems. I love using > whitelist_dnsname for that. With 2-3 entries, usually you can > whitelist > whole ISPs, doesnt matter it's size.
What I wanted to say is a middle feature that is made with whitelist_dnsname and spf entry. Eg whitelist_spf_dnsame for example that allow policyd whitelist ips / servers from spf entry for specific dns name using spf entry... Because whitelist_dnsname can be..... forged for example. /Xavier ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ policyd-users mailing list policyd-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/policyd-users
