On 9/22/2018 9:55 AM, RW wrote: > On Sat, 22 Sep 2018 08:48:43 -0400 > Kevin A. McGrail wrote: > >> On 9/19/2018 6:00 AM, Matus UHLAR - fantomas wrote: >>> # SPF THAT DOESN'T REALLY CARE IF EMAIL IS A FORGERY >>>> ifplugin Mail::SpamAssassin::Plugin::AskDNS >>>> askdns JMQ_SPF_NEUTRAL_ALL _SENDERDOMAIN_ TXT /^v=spf1 .+\?all$/ >>>> describe JMQ_SPF_NEUTRAL_ALL SPF set to ?all! >>>> score JMQ_SPF_NEUTRAL_ALL 0.5 >>>> endif >>> do you not check for "+all" by a reason? >> Would you believe I thought we were? I misread the regex like a year >> ago. Updating now. > /^v=spf1 .+(\?|\+)all$/ > > .+ should be .* or it wont match > > 'v=spf1 +all' > > I would remove the '$' as it doesn't appear do anything useful and could > prevent matches on weird spf records. > > It may be worth splitting them into two rules for '?' and '+', there's > no dns overhead and they seem like significantly different cases. > # SPF THAT DOESN'T REALLY CARE IF EMAIL IS A FORGERY - ifplugin Mail::SpamAssassin::Plugin::AskDNS askdns JMQ_SPF_NEUTRAL _SENDERDOMAIN_ TXT /^v=spf1 .*?\?all/ describe JMQ_SPF_NEUTRAL SPF set to ?all score JMQ_SPF_NEUTRAL 0.5
askdns JMQ_SPF_ALL _SENDERDOMAIN_ TXT /^v=spf1 .*?\+all/ describe JMQ_SPF_ALL SPF set to +all! score JMQ_SPF_ALL 0.5 endif Better? -- Kevin A. McGrail VP Fundraising, Apache Software Foundation Chair Emeritus Apache SpamAssassin Project https://www.linkedin.com/in/kmcgrail - 703.798.0171