You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by "Andrzej A. Filip" <an...@gmail.com> on 2012/07/12 09:08:19 UTC
Re: Spamassassin and SPF records with "+all" [learning per domain
worth of SPF record]
On 07/12/2012 09:01 AM, David F. Skoll wrote:
> On Thu, 12 Jul 2012 08:50:59 +0200
> Robert Schetterer <ro...@schetterer.org> wrote:
>
>> spf does not solve spam problems in general, its may only one from
>> many parameters for spam tagging check
> Indeed. I *never* subtract points for an SPF "pass" except for a very
> few select domains that I trust. I only ever use SPF to add points in
> the case of fail or softfail (and "neutral" for certain domains like
> adp.com.)
Would you suggest/recommend using spf-bayes?
[auto-learning of "worth" of given domain SPF record]
Re: Spamassassin and SPF records with "+all" [learning per domain
worth of SPF record]
Posted by Robert Schetterer <ro...@schetterer.org>.
Am 12.07.2012 09:08, schrieb Andrzej A. Filip:
> On 07/12/2012 09:01 AM, David F. Skoll wrote:
>> On Thu, 12 Jul 2012 08:50:59 +0200
>> Robert Schetterer <ro...@schetterer.org> wrote:
>>
>>> spf does not solve spam problems in general, its may only one from
>>> many parameters for spam tagging check
>> Indeed. I *never* subtract points for an SPF "pass" except for a very
>> few select domains that I trust. I only ever use SPF to add points in
>> the case of fail or softfail (and "neutral" for certain domains like
>> adp.com.)
> Would you suggest/recommend using spf-bayes?
> [auto-learning of "worth" of given domain SPF record]
>
i will have an eye to
http://www.ietf.org/id/draft-ietf-repute-email-identifiers-04.txt
--
Best Regards
MfG Robert Schetterer
Re: Spamassassin and SPF records with "+all" [learning per domain
worth of SPF record]
Posted by Martin Gregorie <ma...@gregorie.org>.
On Thu, 2012-07-12 at 03:20 -0400, David F. Skoll wrote:
> On Thu, 12 Jul 2012 09:08:19 +0200
> "Andrzej A. Filip" <an...@gmail.com> wrote:
>
> > Would you suggest/recommend using spf-bayes?
> > [auto-learning of "worth" of given domain SPF record]
>
> That is an interesting idea... store tokens like:
>
> example.com*spf-pass
>
> and compute probabilities.
>
There's maybe a case collecting stats in a simple table with rows keyed
on domain name and simply accumulating counts for the four levels (PASS,
NEUTRAL SOFTFAIL and FAIL) of both SPF-* and SPF-HELO-* sets along with
spam/ham counts and seeing what patterns emerge. Since nobody seems to
know how widespread SPF usage is, it might also be interesting to count
domains with no SPF flags set. Anything could be used for this: BDB,
SQLite or Derby should all do the job with minimal overheads.
Martin
Re: Spamassassin and SPF records with "+all" [learning per domain
worth of SPF record]
Posted by Benny Pedersen <me...@junc.org>.
Den 2012-07-12 09:20, David F. Skoll skrev:
> it's still the case because SPF is now more widely adopted than
> before. (Spammers tend to be early adopters of technology.)
thay are properly implementing dmarc into spamassassin right now :)
Re: Spamassassin and SPF records with "+all" [learning per domain
worth of SPF record]
Posted by "David F. Skoll" <df...@roaringpenguin.com>.
On Thu, 12 Jul 2012 09:08:19 +0200
"Andrzej A. Filip" <an...@gmail.com> wrote:
> Would you suggest/recommend using spf-bayes?
> [auto-learning of "worth" of given domain SPF record]
That is an interesting idea... store tokens like:
example.com*spf-pass
and compute probabilities.
A while ago, I did an informal count of messages we had processed and
found that spammers were slightly more likely to have an SPF "pass"
than non-spammers. It wasn't a huge difference and I don't know if
it's still the case because SPF is now more widely adopted than
before. (Spammers tend to be early adopters of technology.)
Regards,
David.