On 14/07/2012 15:15, Nigel Rantor wrote:
> So, I receive mail that would be killed by SPF checks and I'm thinking
> of getting my exim server to use SPF because of this.
> So, to the VPS users, I was wondering if anyone who has implemented
> SPF checks found downsides to it?
An initial disclaimer: I firewall port 22 by country of origin, so
pretty much all email originating from address blocks allocated to
China, Russia, and a couple of others are blocked. Inbound connections
attempting to send spam are therefore reduced by an unmeasured amount.
I've been using SPF for a couple of years now, and haven't experienced
many problems. As an SPF check generally returns one of three states
(pass, fail, neutral), my approach is:
* Accept the email if SPF passes (no greylisting, message then goes
through SpamAssassin etc)
* Reject the email if SPF fails
* Greylist the sender if SPF returns neutral
This has the following benefits:
* Email from senders with correctly-configured SPF records is received
straight away without delays from greylisting
* Email from non-permitted senders is considered spam and is denied on
receipt, so doesn't waste any more time/resources going through the rest
of the system
* Email from senders without SPF records can still be received (via
greylisting)
Then there are the drawbacks:
* Email from senders without SPF records is delayed by the
greylisting. This can be irritating when e.g. signing up to a website
and waiting for a confirmation email.
* Spam originating from hosts which pass SPF checks bypasses greylisting.
* A genuine email which outright fails an SPF check is lost without my
knowledge.
In practice, these drawbacks are fairly minor. A quick scan through my
inbox would seem to suggest that many reputable and competent senders of
email are publishing SPF records these days, and the occasions when
genuine email which I'm interested in reading straight away gets held
up in greylisting are increasingly rare. I've never knowingly had any
problems with genuine email being shot down by an SPF fail.
The worst drawback is the spam originating from senders which pass SPF
checks. This tends to be down to either badly configured SPF records on
the part of originating domains (a straw poll from my spam folder has
turned up several domains with SPF records ending in '+all'), or
spammers operating from compromised hosts. Such spam tends to turn up in
short bursts and then subside pretty quickly, is low in volume overall
(23 spams from the last two weeks in my deleted folder), and generally
gets hosed by SpamAssassin in any case.
Overall I'm happy with the way it works; my spam volumes are pretty low,
and the drawbacks fairly minor from my perspective.
Also of interest is
http://spf-all.com/ which lets you look up the
published SPF record for any domain, and has some fun stats.
--
Phil Stewart
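The three-way policy Phil describes (pass accepts and skips greylisting, fail rejects, anything else greylists) and the '+all' drawback he mentions are easy to see side by side in a small offline SPF evaluator. The following is an added example, not code from the thread or from Exim: the domains, addresses and SPF records are constructed (documentation ranges only), the DNS lookup is replaced by an in-memory table, and folding softfail, none and permerror into the greylist bucket alongside neutral is an assumption of this example, since the post only names pass, fail and neutral. Only ip4, ip6, include and all mechanisms are evaluated; mechanisms that need live DNS (a, mx, ptr, exists) yield permerror here.

```python
import ipaddress

# Constructed SPF records keyed by sending domain. They stand in for the DNS
# TXT lookups a real checker makes; the domains and addresses are invented
# (documentation ranges from RFC 5737 / RFC 3849), not real senders.
SPF_RECORDS = {
    "strict.example":  "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all",
    "relay.example":   "v=spf1 include:strict.example ~all",
    "sloppy.example":  "v=spf1 ip4:198.51.100.10 +all",    # the '+all' case from the post
    "neutral.example": "v=spf1 ip4:198.51.100.0/24 ?all",
    "broken.example":  "v=spf1 include:nospf.example -all",  # includes a domain with no record
    # "nospf.example" deliberately publishes nothing
}

# Qualifier prefix -> SPF result when the mechanism matches ('+' is the default).
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def parse_spf(record):
    """Split a 'v=spf1 ...' string into (qualifier, mechanism, argument) triples."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    parsed = []
    for term in terms[1:]:
        if "=" in term:                 # modifiers (redirect=, exp=) are not handled here
            continue
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        mech, _, arg = term.partition(":")
        parsed.append((qualifier, mech.lower(), arg))
    return parsed


def check_spf(domain, client_ip, records=SPF_RECORDS, depth=0):
    """Return pass/fail/softfail/neutral/none/permerror for client_ip sending as domain."""
    record = records.get(domain)
    if record is None:
        return "none"                   # domain publishes no SPF record
    if depth > 10:
        return "permerror"              # cap include: recursion (RFC 7208 limits lookups)
    ip = ipaddress.ip_address(client_ip)
    try:
        terms = parse_spf(record)
    except ValueError:
        return "permerror"
    for qualifier, mech, arg in terms:
        if mech == "all":
            return QUALIFIERS[qualifier]  # '+all' here is why anything can pass
        if mech in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
        elif mech == "include":
            inner = check_spf(arg, client_ip, records, depth + 1)
            if inner == "pass":
                return QUALIFIERS[qualifier]
            if inner in ("none", "permerror"):
                return "permerror"      # RFC 7208: include of a record-less domain is an error
        else:
            return "permerror"          # a/mx/ptr/exists need live DNS; not evaluated offline
    return "neutral"                    # nothing matched and no 'all' term


def policy(result):
    """Map an SPF result onto the post's three actions (assumed bucketing for the extras)."""
    if result == "pass":
        return "accept"                 # straight through to SpamAssassin, no greylisting
    if result == "fail":
        return "reject"                 # refused at SMTP time
    return "greylist"                   # neutral; softfail/none/permerror folded in by assumption


def decide(domain, client_ip):
    result = check_spf(domain, client_ip)
    return result, policy(result)


if __name__ == "__main__":
    for domain, ip in [("strict.example", "192.0.2.7"), ("strict.example", "203.0.113.5"),
                       ("relay.example", "203.0.113.5"), ("sloppy.example", "203.0.113.5"),
                       ("neutral.example", "203.0.113.5"), ("nospf.example", "192.0.2.7"),
                       ("broken.example", "192.0.2.7")]:
        print(f"{domain:16} {ip:14} -> {decide(domain, ip)}")
```

The sloppy.example line is the drawback from the post in miniature: a record ending in '+all' makes every client address a pass, so a spammer using that domain as envelope sender skips greylisting and is left to SpamAssassin. The broken.example line shows why a real deployment wants a separate bucket for permerror rather than treating it as neutral silently: the failure is the sender's configuration, not a missing record.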