Jump to content
Sign in to follow this  


Recommended Posts


Because of the agressive filtering I use on my server, all my incoming mail comes with either of these headers:

Received-SPF: pass


X-SPF-Guess: pass

this implies that, when I receive a spam, they actualy *had* to expose their real domain name. Joe jobs are impossible unless they compromised the victim's network (e.g. via open relay).

Spamcop gets to see all my headers, so can it take advantage of that? When either Received-SPF or X-SPF-Guess result in "pass", it could assume the domain is spam-owned and add it to an RHSBL. In turn, such RHSBL would be very useful in my spam filtering, completing the circle.

Note: since I implemented this filter, my spam rate has descended from 20/day to less than 0.5/day. My goal is to reach ZERO though, and the only way I can filter the occasional fully compliant, non-forged mail is with good RHSBLs. Unfortunately there aren't really good RHSBLs around (surbl.org being the best I found so far, maybe because it's fed by spamvertised URIs from spamcop). A spamcop RHSBL could dramaticaly change that.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this