SPF_Fail score too low?
Mark Nienberg
gmane at tippingmar.com
Mon Mar 19 19:22:47 CET 2007
Chris Yuzik wrote:
> Hi everyone,
>
> I was just going over some stats, and I see a rule called "SPF_FAIL"
> with the description, "SPF: sender does not match SPF record (fail)",
> which seems like a fairly major violation, yet the score assigned
> currently is only 1.14.
>
> So if I'm clear what this means, I believe this says that the domain
> administrator has specified the specific IPs that are allowed to send
> email from this domain, and furthermore anything that doesn't come from
> the allowed IPs should not be accepted or trusted. Right? This isn't a
> soft-fail, but a full fail.
>
> Seems to me this should be something that should be scored at 5.0 or
> higher. Or am I wrong?
I agree. In my /etc/MailScanner/spam.assassin.prefs.conf I put
# standard SPF scores don't make much sense
# only the last column matters to us
score SPF_FAIL 0 0 0 3.50
score SPF_SOFTFAIL 0 0 0 1.50
score SPF_HELO_FAIL 0 0 0 1.00
score SPF_HELO_SOFTFAIL 0 0 0 0.50
Mark Nienberg
More information about the MailScanner
mailing list