Jump to content

SPF and RHSBL


rmh

Recommended Posts

Hi!

Because of the agressive filtering I use on my server, all my incoming mail comes with either of these headers:

Received-SPF: pass

or

X-SPF-Guess: pass

this implies that, when I receive a spam, they actualy *had* to expose their real domain name. Joe jobs are impossible unless they compromised the victim's network (e.g. via open relay).

Spamcop gets to see all my headers, so can it take advantage of that? When either Received-SPF or X-SPF-Guess result in "pass", it could assume the domain is spam-owned and add it to an RHSBL. In turn, such RHSBL would be very useful in my spam filtering, completing the circle.

Note: since I implemented this filter, my spam rate has descended from 20/day to less than 0.5/day. My goal is to reach ZERO though, and the only way I can filter the occasional fully compliant, non-forged mail is with good RHSBLs. Unfortunately there aren't really good RHSBLs around (surbl.org being the best I found so far, maybe because it's fed by spamvertised URIs from spamcop). A spamcop RHSBL could dramaticaly change that.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...