Benny Pedersen wrote:
>
>
> On Wed, December 31, 2008 06:29, Bijayant wrote:
>>
>> From all the discussions and reading all the replies in this thread
>> I have understood many things like
>> 1) We use smtp-auth for sending the mails. So, I can reject all
>> mails which are not generating from my mail server,
>
> reject sender domains with do not auth and are local
>
>> right? This will be a good tactics.
>
> yes
>
> Slightly offtopic, but when I tried this I am getting the Bounce message
> because the email-id is local and valid. Perhaps I need to do more R & D.
>
>> Now the SPF parts,
>> 2) If the SPF records is configured in DNS, then we do not have to
>> do any additional configuration in Postfix and spamassassin.
>
> in postfix no change
>
> in spamassassin:
>
> i use the below php code that dumps squirreelmail address book to
> whitelist_auth
>
> <?php
>
> include_once('./conf.inc.php');
>
> mysql_connect ($HostName, $UserNameSQ, $PassWordSQ); // or die
> ('connect error');
> mysql_select_db ($DataBaseSQ); // or die ('database error');
>
> // CREATE TABLE `address` (
> // `owner` varchar(255) NOT NULL,
> // `nickname` varchar(255) NOT NULL,
> // `firstname` varchar(255) NOT NULL,
> // `lastname` varchar(255) NOT NULL,
> // `email` varchar(255) NOT NULL,
> // `label` varchar(255) NOT NULL
> // ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COMMENT='squirrelmail
> address book';
>
> $query = "SELECT email FROM address ORDER BY 'owner' ASC";
> $handle = mysql_query ($query); // or die(mysql_error());
> for ($count = 1; $row = mysql_fetch_row ($handle); ++$count) {
> print "whitelist_auth $row[0]\n"; }
> ?>
>
> cron the above so its part of the sa-update
>
> php whitelist_auth_from_squirrelmail.php >
> /path/to/local.cf/00_local_whitelist_auth.cf
>
>> We can create the Meta
>
> dont mess it more
>
>> rules in local.cf to increase/decrease the score, right?
>
> no whitelist trusted senders that are known in local via spf pass
> and or dkim
>
>> 3) Gmail adds a header like "Received-SPF: fail/pass/neutral".
>
> ignore that header it can be faked !
> I
>> think MTA is adding this header.
>
> no its a python spf checker
>
>> How this type of headers can be added?
>
> spamassassin have its own spf checker, dont use another
>
>
> to rule maintainers: can we change default scores for whitelist_from
> now ?
>
> --
> Benny Pedersen
> Need more webspace ? http://www.servage.net/?coupon=cust37098
>
>
Thanks, now its getting clearer to me that I have to do any change in SA
only. I tried to simulate the scenario for SPF and found that SA added one
test like "X-Spam-Status: SPF_NEUTRAL=1.069". When I greped this like
grep -ilr "SPF_NEUTRAL" /etc/mail/spamassassin/*, I found nothing.
1) So, how could I start increase/decrease the scores based on SPF results.
2) What should I do to whitelist the senders because, if I will whitelist
the senders then it will not check for the Spam and the mail will passed
without the spam TAG.
Please suggest me, I am also doing google and reading more about the SA.
Happy New Year !!!
--
View this message in context:
http://www.nabble.com/Implementing-SPF-tp21216090p21285944.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
