Jump to content
Sign in to follow this  
rmh

SPF and RHSBL

Recommended Posts

Hi!

Because of the agressive filtering I use on my server, all my incoming mail comes with either of these headers:

Received-SPF: pass

or

X-SPF-Guess: pass

this implies that, when I receive a spam, they actualy *had* to expose their real domain name. Joe jobs are impossible unless they compromised the victim's network (e.g. via open relay).

Spamcop gets to see all my headers, so can it take advantage of that? When either Received-SPF or X-SPF-Guess result in "pass", it could assume the domain is spam-owned and add it to an RHSBL. In turn, such RHSBL would be very useful in my spam filtering, completing the circle.

Note: since I implemented this filter, my spam rate has descended from 20/day to less than 0.5/day. My goal is to reach ZERO though, and the only way I can filter the occasional fully compliant, non-forged mail is with good RHSBLs. Unfortunately there aren't really good RHSBLs around (surbl.org being the best I found so far, maybe because it's fed by spamvertised URIs from spamcop). A spamcop RHSBL could dramaticaly change that.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×