Only greylist if SPF fails

Request and discuss new features you would like to have.
Post Reply
heronimus
Posts: 24
Joined: 11 Sep 2015 10:19
Location: Netherlands

Only greylist if SPF fails

Post by heronimus »

Following other threads on the internet, it seems a good idea to me to skip the greylist filter in case of a positive SPF check on the sending mailserver. By now, i see many IP's in the "waiting greylist" with the same FROM: and TO: address but many different sender IP's.

Regards, Heronimus
zohman
Posts: 42
Joined: 12 Sep 2015 07:36

Re: Only greylist if SPF fails

Post by zohman »

no no no! :D

if spf fail for him we want him to be on the blacklist not the grey..
if it fail by spf he is trying to spoof some domain address so we want him out, period.

what you mean is that if he passes spf.. well, then why greylisting? he is the good guy.

should be like this,
spf pass - don't grey list, let him pass..
spf fail (-all) - reject at the protocol - he is not welcome at all.
any other result - softfail, natural permerror, etc - greylist.

I have write some script that I implemented in my system with sqlgrey,
will post it tomorrow and let you know,

Zohman.
heronimus
Posts: 24
Joined: 11 Sep 2015 10:19
Location: Netherlands

Re: Only greylist if SPF fails

Post by heronimus »

zohman wrote:what you mean is that if he passes spf.. well, then why greylisting? he is the good guy.

should be like this,
spf pass - don't grey list, let him pass..
spf fail (-all) - reject at the protocol - he is not welcome at all.
any other result - softfail, natural permerror, etc - greylist.
That's exactly what i mean. By doing it in this way, we have less complaints about delays in mail delivery (and an appropriate advice for those companies which still aren't using SPF records).

I look forward to your action. Thanks in advance.
zohman
Posts: 42
Joined: 12 Sep 2015 07:36

Re: Only greylist if SPF fails

Post by zohman »

heronimus wrote:
zohman wrote:what you mean is that if he passes spf.. well, then why greylisting? he is the good guy.

should be like this,
spf pass - don't grey list, let him pass..
spf fail (-all) - reject at the protocol - he is not welcome at all.
any other result - softfail, natural permerror, etc - greylist.
I look forward to your action. Thanks in advance.
viewtopic.php?f=14&t=1240
Post Reply