On Tue, Sep 18, 2018 at 12:16 PM Giovanni Bechis <giova...@paclan.it> wrote:
I noticed that Google servers started blocking emails with "suspicious spf
records" like for example:
"v=spf1 include:musvc.com include:turbo-smtp.com mx a +all".
Any idea on how to write a rule to catch something like that ?
On 18.09.18 13:01, Kevin A. McGrail wrote:
It's in KAM.cf, I believe:
# SPF THAT DOESN'T REALLY CARE IF EMAIL IS A FORGERY
ifplugin Mail::SpamAssassin::Plugin::AskDNS
askdns JMQ_SPF_NEUTRAL_ALL _SENDERDOMAIN_ TXT /^v=spf1 .+\?all$/
describe JMQ_SPF_NEUTRAL_ALL SPF set to ?all!
score JMQ_SPF_NEUTRAL_ALL 0.5
endif
do you not check for "+all" by a reason?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Posli tento mail 100 svojim znamim - nech vidia aky si idiot
Send this email to 100 your friends - let them see what an idiot you are