Feature Request
Printed From: LogSat Software
Category: Spam Filter ISP
Forum Name: Spam Filter ISP Support
Forum Description: General support for Spam Filter ISP
URL: https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=6187
Printed Date: 03 June 2025 at 12:54am
Topic: Feature Request
Posted By: Desperado
Subject: Feature Request
Date Posted: 08 August 2007 at 2:25pm
Can we have, perhaps, a "Tag On Soft Fail" option on SPF? I ask because even the "Champions" of SPF, AOL, are not willing to commit to a "-all" and technically, we should not block "Soft Fails", but I would like to see some action even if passing the messages.
------------- The Desperado
Dan Seligmann.
Work: http://www.mags.net
Personal: http://www.desperado.com
|
Replies:
Posted By: sgeorge
Date Posted: 08 August 2007 at 2:45pm
Dan, excellent idea. May I piggyback on your request?
I would love to be able to locally create an overriding SPF rule for domains not in my control. If a domain has a weak SPF rule (or none at all), and I am confident that I am able to determine all of their legitimate outgoing mail servers, it would be great to be able to tell SpamFilter from which i.p.s to accept mail for domain x.
I'm piggybacking because I'd also like to see your thoughts on this, Dan.
Stephen
|
Posted By: Desperado
Date Posted: 08 August 2007 at 2:57pm
Stephen,
Did you see my post on the DNS White List? http://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=6173&KW=DNSWL I think this, too, will help and the Admin seems to be very interested in maintaining as good a list as possible (with our help?)
------------- The Desperado
Dan Seligmann.
Work: http://www.mags.net
Personal: http://www.desperado.com
|
Posted By: sgeorge
Date Posted: 08 August 2007 at 3:11pm
Hey Dan, that's a good point... a white list that is contributed to by many, but moderated by experienced admins, certainly would be more up-to-date and accurate.
|
Posted By: Roman
Date Posted: 15 August 2007 at 9:37am
One more thing: it would be very nice to have an option to block all domains with "+all" or "ip4:0.0.0.0/0" definitions like SPF for "alicencias.com".
|
Posted By: Roman
Date Posted: 15 August 2007 at 9:57am
By the way, Dan, I send to quarantine not only "softfail" but also "neutral", and for about 2 years I remember only 1 or 2 false positives. So, as long as major mail servers are afraid to use "-all" and even "~all" tags, there is no real difference between all of them.
|
Posted By: sgeorge
Date Posted: 17 August 2007 at 2:32pm
Roman, the relaxed approach that the big guys have taken really frustrates those (such as me) that could have a valid, but restricted, use for adding mechanisms such as neutral "?" and soft-fail "~" to SPF records.
I agree that the system has certainly been used and abused, though there's a percentage of us who actually need these grey-area mechanisms. Consider my situation:
We have a few mail servers for a small organization. We have complete control over most of those mail servers, except our Web site is hosted on a shared hosting site; in the past, some other customers have used the shared site as a "spam house" so to speak. It's in our interest not to unwittingly "validate" one of these abusers' attempts to forge one of our email addresses from the same IP. Therefore, we set up our SPF record to something like this:
v=spf1 a:mail.domain.com a:mail2.domain.com ?include:sharedhostingsite.com -all
The effect allows "neutral" results for e-mails sent out from sharedhostingsite.com, while a solid "pass" or "fail" occurs for everything else.
If people block all "neutral" SPF results, then we would be better off having no SPF record at all. But that would not make me very happy.
Stephen
|
Posted By: Roman
Date Posted: 17 August 2007 at 4:13pm
Stephen, we had this conversation about 1 year ago. My opinion stands still: if you use some host for relay - whitelist it. I don't want to get an uncertain answer "may be spam, may be not" - what should I do with it?
I'd be glad to follow the rules, but I see no hope in this particular situation. So I'm forced to quarantine "neutral".
Well, there could be a solution if we have an option to treat "-~?+all" as strict "-all", but treat softfails and neutrals in other expressions as we do now. This could make us both happy.
Nevertheless, I suggest you "pass" your low-trusted site. Consider these possible cases:
1. you stay with "neutral" - some hosts (like mine) would block your legitimate mail and you will whitelist any possible spam through your unsafe host for those who follow the rules anyway.
2. you make it "pass" - your legitimate mail will always be delivered, spam with your faked name will always be blocked, but IF it ever happens that someone on the unsafe host would guess how to abuse your SPF record - you'll need to undertake some investigation.
3. you drop the SPF record - this actually whitelists the whole internet (INCLUDING your unsafe host) to send spam on behalf of your name. So it cannot be safer than 2 in any way.
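
Added example (not part of any post in this thread, and not SpamFilter's own code): a sketch of the two checks requested above, flagging records that pass every sender ("+all" or a /0 network, as in Roman's 15 August post) and optionally treating any matched "all" as a strict fail (Roman's 17 August proposal), run over the record from Stephen's post. The function names are hypothetical, the two permissive records are constructed samples, and the code inspects record text only; it performs no DNS lookups or sender-IP matching.

```python
import ipaddress

# SPF qualifier characters and the result each produces when its term matches.
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def parse_spf(record):
    """Split an SPF record string into (qualifier, mechanism, value) terms."""
    parts = record.split()
    if not parts or parts[0].lower() != "v=spf1":
        raise ValueError("not an SPF version 1 record")
    terms = []
    for part in parts[1:]:
        qualifier = "+"                      # a missing qualifier means pass
        if part[0] in QUALIFIERS:
            qualifier, part = part[0], part[1:]
        name, _, value = part.partition(":")
        if "=" in name:                      # modifier (redirect=, exp=), not a mechanism
            continue
        terms.append((qualifier, name.lower(), value))
    return terms

def permissive_terms(terms):
    """Return terms that give 'pass' to every sender: +all or a /0 network."""
    flagged = []
    for qualifier, name, value in terms:
        if qualifier != "+":
            continue
        if name == "all":
            flagged.append((qualifier, name, value))
        elif name in ("ip4", "ip6"):
            try:
                if ipaddress.ip_network(value, strict=False).prefixlen == 0:
                    flagged.append((qualifier, name, value))
            except ValueError:
                pass                         # malformed address: not flagged here
    return flagged

def local_result(term, strict_all=True):
    """Result for the term that matched; optionally force any 'all' to fail."""
    qualifier, name, _ = term
    if strict_all and name == "all":
        return "fail"
    return QUALIFIERS[qualifier]

# Record from Stephen's post, plus two constructed permissive records.
STEPHEN = "v=spf1 a:mail.domain.com a:mail2.domain.com ?include:sharedhostingsite.com -all"
CONSTRUCTED = ["v=spf1 +all", "v=spf1 ip4:0.0.0.0/0 ~all"]

if __name__ == "__main__":
    for rec in [STEPHEN] + CONSTRUCTED:
        print(rec, "->", permissive_terms(parse_spf(rec)) or "no pass-everything term")
```

With strict_all enabled, a "~all" or "?all" match is handled as a fail, while a "?include:" match such as Stephen's still comes back as neutral.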
|