SPF_Fail score too low?

Mark Nienberg gmane at tippingmar.com
Mon Mar 19 19:22:47 CET 2007

Chris Yuzik wrote:
> Hi everyone,
> I was just going over some stats, and I see a rule called "SPF_FAIL" 
> with the description, "SPF: sender does not match SPF record (fail)", 
> which seems like a fairly major violation, yet the score assigned 
> currently is only 1.14.
> So if I'm clear what this means, I believe this says that the domain 
> administrator has specified the specific IPs that are allowed to send 
> email from this domain, and furthermore anything that doesn't come from 
> the allowed IPs should not be accepted or trusted. Right? This isn't a 
> soft-fail, but a full fail.
> Seems to me this should be something that should be scored at 5.0 or 
> higher. Or am I wrong?

I agree. In my /etc/MailScanner/spam.assassin.prefs.conf I put

# standard SPF scores don't make much sense
# only the last column matters to us
score SPF_FAIL 0 0 0 3.50
score SPF_SOFTFAIL 0 0 0 1.50
score SPF_HELO_FAIL 0 0 0 1.00
score SPF_HELO_SOFTFAIL 0 0 0 0.50

Mark Nienberg
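
An added example, not part of the original post: SpamAssassin reads a four-value `score` line as one value per score set (Bayes off/net off, Bayes off/net on, Bayes on/net off, Bayes on/net on), so the lines above contribute only when both Bayes and network tests are enabled. The Python sketch below resolves the effective score for each mode; the function names and the sample rule hits are assumptions made for illustration.

```python
# Added illustration. The score lines are copied from the post above;
# parse_scores, scoreset and effective are hypothetical helper names.
PREFS = """\
# only the last column matters to us
score SPF_FAIL 0 0 0 3.50
score SPF_SOFTFAIL 0 0 0 1.50
score SPF_HELO_FAIL 0 0 0 1.00
score SPF_HELO_SOFTFAIL 0 0 0 0.50
"""

def parse_scores(text):
    """Return {rule: [set0, set1, set2, set3]} from 'score' lines."""
    scores = {}
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split()
        # Accept the one-value and four-value forms only.
        if len(parts) not in (3, 6) or parts[0] != "score":
            continue
        values = [float(v) for v in parts[2:]]
        if len(values) == 1:
            values *= 4          # a single score applies to every score set
        scores[parts[1]] = values
    return scores

def scoreset(use_bayes, net_tests):
    """Score set index: 0 = neither, 1 = net only, 2 = Bayes only, 3 = both."""
    return (2 if use_bayes else 0) + (1 if net_tests else 0)

def effective(scores, hits, use_bayes, net_tests):
    """Sum the configured scores of the rules that hit, for the active set."""
    col = scoreset(use_bayes, net_tests)
    return round(sum(scores[r][col] for r in hits if r in scores), 2)

if __name__ == "__main__":
    table = parse_scores(PREFS)
    hits = ["SPF_FAIL", "SPF_HELO_FAIL"]   # constructed sample rule hits
    for bayes in (False, True):
        for net in (False, True):
            total = effective(table, hits, bayes, net)
            print(f"bayes={bayes!s:5} net={net!s:5} "
                  f"set={scoreset(bayes, net)} SPF contribution={total}")
```

With Bayes disabled, the score set never reaches the fourth column, so these SPF rules add nothing to the total.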

