Can I block/blacklist via SPF?? - SpamAssassin

This is a discussion on Can I block/blacklist via SPF?? - SpamAssassin ; ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: Can I block/blacklist via SPF??

  1. Re: Can I block/blacklist via SPF??


  2. Can I block/blacklist via SPF??

    Hello, list. I've been wondering how to stop traffic from certain
    hosts which only seem to distribute spam. I'm tired of reporting the
    emails to their ISP, Spamcop, etc. Since the servers are identically
    configured (they seem to be virtual machines fired up/cloned from the
    same template), and have valid SPF records, I would like to know if is
    there a way to block/blacklist these domains via SpamAssassin.

    For the record, I run Postfix/Amavisd-new 2.5.4/SA 3.2.4. I do SPF
    checks only via SA.

    Here are two examples:
    http://pastebin.com/m2a039236
    http://pastebin.com/m5f77a5a4

    Thanks in advance,

    Luis
    --
    _____________________________________

    GNU/GPL: "May The Source Be With You...

    Linux Registered User #448382.
    _____________________________________


  3. Re: Can I block/blacklist via SPF??

    Luis Hernán Otegui wrote:
    > Hello, list. I've been wondering how to stop traffic from certain
    > hosts which only seem to distribute spam. I'm tired of reporting the
    > emails to their ISP, Spamcop, etc. Since the servers are identically
    > configured (they seem to be virtual machines fired up/cloned from the
    > same template), and have valid SPF records, I would like to know if is
    > there a way to block/blacklist these domains via SpamAssassin.
    >


    Why get SPF involved? Just blacklist the domain with blacklist_from
    *@example.com.

    SPF is useful to prevent forgery, but if a spammer wants to forge a
    domain you've blacklisted.. well, more power to em.


  4. Re: Can I block/blacklist via SPF??

    2008/5/20 mouss :
    > Matt Kettler wrote:
    >>
    >> Luis Hernán Otegui wrote:
    >>>
    >>> Hello, list. I've been wondering how to stop traffic from certain
    >>> hosts which only seem to distribute spam. I'm tired of reporting the
    >>> emails to their ISP, Spamcop, etc. Since the servers are identically
    >>> configured (they seem to be virtual machines fired up/cloned from the
    >>> same template), and have valid SPF records, I would like to know if is
    >>> there a way to block/blacklist these domains via SpamAssassin.
    >>>

    >>
    >> Why get SPF involved? Just blacklist the domain with blacklist_from
    >> *@example.com.
    >>
    >> SPF is useful to prevent forgery, but if a spammer wants to forge a domain
    >> you've blacklisted.. well, more power to em.
    >>
    >>

    >
    > and he can also block the domains or the clients in his MTA.


    Well, guess I left my brain on my night table this morning... Thanks
    for the Kindergarden lesson! Blocked them @ Postfix.

    Excuse me for the dumb topic. Too much coffee and no sleeping make me
    really close to a sea slug when it comes to thinking ;-)

    >
    >


    Best regards,


    Luis
    --
    _____________________________________

    GNU/GPL: "May The Source Be With You...

    Linux Registered User #448382.
    _____________________________________


  5. Re: Can I block/blacklist via SPF??


    On Tue, May 20, 2008 15:48, Luis Hernán Otegui wrote:

    > Here are two examples:
    > http://pastebin.com/m2a039236
    > http://pastebin.com/m5f77a5a4


    both are good candidates for training bayes

    just dont whitelist spam domains, it gets spf_pass that only says domain owner
    have assigned it good relay, can be spam, or ham still


    Benny Pedersen
    Need more webspace ? http://www.servage.net/?coupon=cust37098


  6. Re: Can I block/blacklist via SPF??


    On Tue, May 20, 2008 16:08, Matt Kettler wrote:

    > Why get SPF involved? Just blacklist the domain with blacklist_from
    > *@example.com.


    bad example :-)

    > SPF is useful to prevent forgery, but if a spammer wants to forge a
    > domain you've blacklisted.. well, more power to em.


    default spamassassin have low scores on pass/whitelist so if recipient really
    want it users need to do whitelist_auth foo@domain.tld

    and change scores on whitelist_* maybe :-)


    Benny Pedersen
    Need more webspace ? http://www.servage.net/?coupon=cust37098


  7. Re: Can I block/blacklist via SPF??

    Benny Pedersen wrote:
    > On Tue, May 20, 2008 16:08, Matt Kettler wrote:
    >
    >
    >> Why get SPF involved? Just blacklist the domain with blacklist_from
    >> *@example.com.
    >>

    >
    > bad example :-)
    >
    >

    Agreed..
    >> SPF is useful to prevent forgery, but if a spammer wants to forge a
    >> domain you've blacklisted.. well, more power to em.
    >>

    >
    > default spamassassin have low scores on pass/whitelist so if recipient really
    > want it users need to do whitelist_auth foo@domain.tld
    >
    > and change scores on whitelist_* maybe :-)
    >

    True, which would really be the case no matter how a domain is blacklisted.

    But in this case, OP isn't concerned with how to bypass a blacklist. It
    was just a bad example.


+ Reply to Thread