On Thu, 12 Jul 2012 08:50:59 +0200 Robert Schetterer wrote: > Am 11.07.2012 21:34, schrieb Josef Karliak: > > Good evening, > > within a few days we've spams from domains that has "+all" in the > > TXT spf record. I was thinking that I'll make a plugin that check > > this records and add some point to this email, but I do not know > > perl. Are there some other options ? Does anybody solve this > > problems ? Thanks and best regards > > J.Karliak. > > > > i wouldnt invest time in it > spf does not solve spam problems in general, its may only one from > many parameters for spam tagging check > > any spammer can have valid spf records, also strict ones > also any legal mail sender > > in deed many spammers have valid spf entries in dns
None of this really matters. It doesn't even matter whether spammers get much benefit from it, as long as they do it. What matters is whether a useful rule can be made out of spammer behaviour. Only the numbers will tell us whether a +all rule is useful in it's own right, and even if it isn't it may still be useful meta'ed with other rules. It seems likely that +all is used to give valid spf to botnet spam so maybe a meta with some botnet related rules might be useful.
