You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Ray Jette <rj...@mestek.com> on 2008/10/02 16:28:19 UTC
SPF rules
Good morning,
The SPF_PASS and SPF_HELO_PASS rules hit several hundred messages a day.
I am doing SPF lockup's at the MTA. How do I go about stopping these
tests from within SA?
Thanks,
Ray
Re: SPF rules
Posted by mouss <mo...@netoyen.net>.
Benny Pedersen wrote:
> On Thu, October 2, 2008 16:28, Ray Jette wrote:
>> Good morning,
>
> evening here :)
it keeps changing here :)
>
>> The SPF_PASS and SPF_HELO_PASS rules hit several hundred messages a day.
>> I am doing SPF lockup's at the MTA. How do I go about stopping these
>> tests from within SA?
The question is why? If your MTA does SPF checks, then doing them again
in SA costs nothing if you have a "recommended" setup (DNS caching).
>
> perldoc Mail::SpamAssassin::Conf
> perldoc Mail::SpamAssassin::Plugin::SPF
>
> if spf test is adding header to the mail, disable the perl spf code
> modules and let spf plugin use the header
>
> if want no spf test at all in sa, disable the plugin in a pre file
>
but this will "break" all things that depend on SPF (including
whitelist_from_spf, ...). not clear whether OP wants this.
Re: SPF rules
Posted by Benny Pedersen <me...@junc.org>.
On Thu, October 2, 2008 16:28, Ray Jette wrote:
> Good morning,
evening here :)
> The SPF_PASS and SPF_HELO_PASS rules hit several hundred messages a day.
> I am doing SPF lockup's at the MTA. How do I go about stopping these
> tests from within SA?
perldoc Mail::SpamAssassin::Conf
perldoc Mail::SpamAssassin::Plugin::SPF
if spf test is adding header to the mail, disable the perl spf code
modules and let spf plugin use the header
if want no spf test at all in sa, disable the plugin in a pre file
--
Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098
Re: SPF rules
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
On 02.10.08 10:28, Ray Jette wrote:
> The SPF_PASS and SPF_HELO_PASS rules hit several hundred messages a day.
> I am doing SPF lockup's at the MTA. How do I go about stopping these
> tests from within SA?
if your MTA pushes Received-SPF: headers to the mail, the SA will use it.
There are still many possibilities where SA may use SPF result even if it
passed in (there are some unsure results that score a bit...)
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fucking windows! Bring Bill Gates! (Southpark the movie)
Re: SPF rules
Posted by "McDonald, Dan" <Da...@austinenergy.com>.
On Thu, 2008-10-02 at 10:57 -0400, Ray Jette wrote:
> Thanks for the quick reply. Do you know what .pre file this is contained
> in? From the /etc/spamassassin directory I ran the following:
> grep SPF_PASS *.pre but came up with nothing.
[mcdonalddj@sa spamassassin]$ grep -i -C 1 spf *.pre
init.pre-
init.pre:# SPF - perform SPF verification.
init.pre-#
init.pre:loadplugin Mail::SpamAssassin::Plugin::SPF
init.pre-
Although, I do agree with Matus that SPF is low-cost and adds value even
if it is checked elsewhere.
>
> Thanks.
>
> On Thu, 2008-10-02 at 09:44 -0500, McDonald, Dan wrote:
> > or just remove the module from the .pre file that it's loaded from.
>
--
Daniel J McDonald, CCIE #2495, CISSP #78281, CNX
Austin Energy
http://www.austinenergy.com
Re: SPF rules
Posted by Ray Jette <rj...@mestek.com>.
Thanks for the quick reply. Do you know what .pre file this is contained
in? From the /etc/spamassassin directory I ran the following:
grep SPF_PASS *.pre but came up with nothing.
Thanks.
On Thu, 2008-10-02 at 09:44 -0500, McDonald, Dan wrote:
> or just remove the module from the .pre file that it's loaded from.
Re: SPF rules
Posted by Kelson <ke...@speed.net>.
Matus UHLAR - fantomas wrote:
> Of course, PASS tells nothing, but
> there are *FAIL, NEUTRAL etc.
Actually, PASS can tell you quite a bit if you're trying to whitelist a
specific address or domain (eg. whitelist_from_spf).
--
Kelson Vibber
SpeedGate Communications <www.speed.net>
Re: SPF rules
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
> On Thu, 2008-10-02 at 10:28 -0400, Ray Jette wrote:
> > Good morning,
> > The SPF_PASS and SPF_HELO_PASS rules hit several hundred messages a day.
> > I am doing SPF lockup's at the MTA. How do I go about stopping these
> > tests from within SA?
On 02.10.08 09:44, McDonald, Dan wrote:
> score SPF_PASS 0
> score SPF_HELO_PASS 0
>
> or just remove the module from the .pre file that it's loaded from.
that's very bad idea. SPF can give good results even using at SA level.
e.g. SPF soft fail means that care should be taken as the mesasge is
suspicious. That means, score is added. Of course, PASS tells nothing, but
there are *FAIL, NEUTRAL etc.
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
There's a long-standing bug relating to the x86 architecture that
allows you to install Windows. -- Matthew D. Fuller
Re: SPF rules
Posted by "McDonald, Dan" <Da...@austinenergy.com>.
On Thu, 2008-10-02 at 10:28 -0400, Ray Jette wrote:
> Good morning,
> The SPF_PASS and SPF_HELO_PASS rules hit several hundred messages a day.
> I am doing SPF lockup's at the MTA. How do I go about stopping these
> tests from within SA?
score SPF_PASS 0
score SPF_HELO_PASS 0
or just remove the module from the .pre file that it's loaded from.
--
Daniel J McDonald, CCIE #2495, CISSP #78281, CNX
Austin Energy
http://www.austinenergy.com