You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Benny Pedersen <me...@junc.org> on 2009/12/06 07:02:01 UTC

freemail vs dkim / spf

i think it could be added to freemail.pm to test if sender domain have  
spf or dkim and if no spf and or no dkim consider it as a freemail  
domain ?

i dont know if it require code changes to do this, but it make sense  
for me atleast to make it, no ?

objection, flames as i like to know how other thinks about it

-- 
xpoint http://www.unicom.com/pw/reply-to-harmful.html

Re: freemail vs dkim / spf

Posted by Michael Scheidell <sc...@secnap.net>.

Benny Pedersen wrote:
>
> i think it could be added to freemail.pm to test if sender domain have 
> spf or dkim and if no spf and or no dkim consider it as a freemail 
> domain ?
>
> i dont know if it require code changes to do this, but it make sense 
> for me atleast to make it, no ?
>
> objection, flames as i like to know how other thinks about it
>
nothing in the RFC's requires the use of SPF or DKIM.
(even if RFC's require RDNS, valid hostnames, valid matching helo, you 
will lose legit email if you bounce email that violates rfc's)
RFC's require a working postmaster and abuse address (see 
www.rfc-ignorant.org), but you will bounce legit email if you use that.

My point is two fold:
#1, SPF and DKIM are not RFC required, and the lack of (or use of) these 
doesn't indicate freemail or not.
#2, even if it WAS required by RFC's, not all legit mail servers will 
use it (they can't even get their RDNS right)

oh, and that means we should mark all email from this mailing lists as 
freemail, because:
#1, it doesn't use SPF records
#2, it doesn't use DKIM signing

(yes, maybe YOU signed your email with DKIM, but apache added stuff to 
the bottom of the email and broke the sig), AND, they don't use SPF)


-- 
Michael Scheidell, CTO
Phone: 561-999-5000, x 1259
 > *| *SECNAP Network Security Corporation

    * Certified SNORT Integrator
    * 2008-9 Hot Company Award Winner, World Executive Alliance
    * Five-Star Partner Program 2009, VARBusiness
    * Best Anti-Spam Product 2008, Network Products Guide
    * King of Spam Filters, SC Magazine 2008

_________________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r). 
For Information please see http://www.spammertrap.com
_________________________________________________________________________

Re: freemail vs dkim / spf

Posted by Mike Cardwell <sp...@lists.grepular.com>.

On 07/12/2009 19:13, Marc Perkel wrote:

> I have yet to find ANY use for SPF. And SPF causes nothing but problems.

You can't have been looking very hard then. I whitelist mail from this
list and spam-l with these simple SPF rules in my user_prefs:

whitelist_from_spf *@*.apache.org
whitelist_from_spf *@spam-l.com

Very useful.

-- 
Mike Cardwell - IT Consultant and LAMP developer
Cardwell IT Ltd. (UK Reg'd Company #06920226) http://cardwellit.com/
Technical Blog: https://secure.grepular.com/blog/

Re: freemail vs dkim / spf

Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.

>    R-Elists wrote:
> 
>       > perkel wrote:
>       >  I have yet to find ANY use for SPF. And SPF causes nothing but
>      problems.
> 
>      Marc,
> 
>      why nothing but problems?
> 
>      is a lot of your system "mail forward" orientated?
> 
>      care to elaborate w/o going into the same old SPF diatribe?
> 
>      maybe there is something useful you havent had the "aha" factor on...
> 
>       - rh

On 07.12.09 11:59, Marc Perkel wrote:
>    Definitely no AHA. It breaks forwarding. Tell me about the aha.

It does NOT break e-mail forwarding. What is _affected_ by SPF is mail
forwarding without changing mail from:, which is already broken by design.
Since the original sender sends mail to forwarder, not to forwarded address,
and it's the forwarder, who sends mail to forwarded address - thus the
forwarder should take care about deliverability and should not provide
senders address.

Btw, please configure your MUA to quote, and use plaintext e-mail.

-- 
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
2B|!2B, that's a question!

RE: freemail vs dkim / spf

Posted by R-Elists <li...@abbacomm.net>.

 > perkel wrote: 
 >  I have yet to find ANY use for SPF. And SPF causes nothing but problems.

Marc,

why nothing but problems?

is a lot of your system "mail forward" orientated?

care to elaborate w/o going into the same old SPF diatribe?

maybe there is something useful you havent had the "aha" factor on...

 - rh

Re: freemail vs dkim / spf

Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.

> On Sun, 6 Dec 2009, Benny Pedersen wrote:
>> i think it could be added to freemail.pm to test if sender domain have  
>> spf or dkim and if no spf and or no dkim consider it as a freemail  
>> domain ?

On 07.12.09 12:23, Charles Gregory wrote:
> Nope. I run an ISP and basically my SPF amounts to 'neutral' because my  
> users can send mail from any access anywhere in the world with our  
> addresses on it (a situation that may change if I get SMTP-AUTH working). 
> So unless SA differentiates between a *result* of 'neutral' and the 
> simple absence of an SPF record, then our mail would be classified as 
> 'free' by this logic, even though it is not....

it does:

score SPF_HELO_NEUTRAL 2.231 2.000 0.744 0.576

-- 
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Silvester Stallone: Father of the RISC concept.

Re: freemail vs dkim / spf

Posted by Charles Gregory <cg...@hwcn.org>.

On Sun, 6 Dec 2009, Benny Pedersen wrote:
> i think it could be added to freemail.pm to test if sender domain have 
> spf or dkim and if no spf and or no dkim consider it as a freemail 
> domain ?

Nope. I run an ISP and basically my SPF amounts to 'neutral' because my 
users can send mail from any access anywhere in the world with our 
addresses on it (a situation that may change if I get SMTP-AUTH working). 
So unless SA differentiates between a *result* of 'neutral' and the simple 
absence of an SPF record, then our mail would be classified as 'free' by 
this logic, even though it is not....

- Charles

Re: freemail vs dkim / spf

Posted by Henrik K <he...@hege.li>.

On Sun, Dec 06, 2009 at 07:14:31AM -0600, McDonald, Dan wrote:
> On Dec 6, 2009, at 12:02 AM, "Benny Pedersen" <me...@junc.org> wrote:
>
>>
>> i think it could be added to freemail.pm to test if sender domain have 
>> spf or dkim and if no spf and or no dkim consider it as a freemail 
>> domain ?
>
>
> Sorry, but SPF and DKIM simply don't have the saturation required for  
> that.
>
> You could consider freemail without SPF or DKIM to be "unverified  
> freemail" and give them an extra point or so, but beyond that I wouldn't 
> see it as a useful spam sign.

And all this can be done with meta rules if you want to, no need to touch
freemail code. I'll leave it as the OPs exercise..

Re: freemail vs dkim / spf

Posted by "McDonald, Dan" <Da...@austinenergy.com>.

On Dec 6, 2009, at 12:02 AM, "Benny Pedersen" <me...@junc.org> wrote:

>
> i think it could be added to freemail.pm to test if sender domain  
> have spf or dkim and if no spf and or no dkim consider it as a  
> freemail domain ?


Sorry, but SPF and DKIM simply don't have the saturation required for  
that.

You could consider freemail without SPF or DKIM to be "unverified  
freemail" and give them an extra point or so, but beyond that I  
wouldn't see it as a useful spam sign.
--
>

Dan McDonald

Re: freemail vs dkim / spf

Posted by "McDonald, Dan" <Da...@austinenergy.com>.

On Dec 6, 2009, at 12:56 PM, "Marc Perkel" <ma...@perkel.com> wrote:

>
>
> Benny Pedersen wrote:
>>
>> i think it could be added to freemail.pm to test if sender domain  
>> have spf or dkim and if no spf and or no dkim consider it as a  
>> freemail domain ?
>>
>
> I don't see the relationship that SPF has to freemail domains.

Most freemail domains support either SPF or DKIM. But I can't form a  
syllogism that helps much, other than:

* spam often spoofs freemail addresses
* ham freemail usually matches SPF or is DKIM signed
* therefore, unsigned/unmatched freemail is likely spam.

But I think my daughter's logic teacher would be unconvinced...
--
Dan McDonald

Re: freemail vs dkim / spf

Posted by Marc Perkel <ma...@perkel.com>.


Benny Pedersen wrote:
>
> i think it could be added to freemail.pm to test if sender domain have 
> spf or dkim and if no spf and or no dkim consider it as a freemail 
> domain ?
>
> i dont know if it require code changes to do this, but it make sense 
> for me atleast to make it, no ?
>
> objection, flames as i like to know how other thinks about it
>

I don't see the relationship that SPF has to freemail domains.