[Rspamd-Users] Rejecting TLDs
G.W. Haywood
rspamd at jubileegroup.co.uk
Wed May 3 17:55:48 UTC 2023
Hi there,
On Wed, 3 May 2023, Achim Lammerts via Users wrote:
> since I do not expect any e-mails from such top level domains, I also handle
> this restrictively. But instead of a REJECT I give a positive score.
> If a sender has secured his address with SPF and DKIM and this can be
> validated, this score is reduced again and the e-mail can be delivered.
>
> But spammers usually don't do this.
This view seems wildly optimistic to me.
We run a pretty small operation here, handling only our own mail.
We log pretty much everything. Just now I ran a query against our
database asking for messages in the past year which were detected as
spam but which were flagged as passing our (strict) SPF checks.
Just over 50,000 passed, of 130,000 total spam, so about 40 percent of
the spam we saw in the past year passed our strict SPF tests.
SPF is about forgery, not about spam. Yes a lot of spam is forged,
but - at least of the spam we see here - almost half of it isn't.
--
73,
Ged.
More information about the Users
mailing list