stopping the significant number of bots that use addresses from my domain as mail-from as well as recipient.
I have a spoofing rule that blocks those regardless of SPF configuration. Of course I've also had to add exceptions for a few sites and lists that 'legitimately' spoof addresses.. -----Original Message----- From: Nigel Roberts [mailto:nigel(a)nobiscuit.com] Sent: Thursday, 22 July 2010 10:33 p.m. To: Regan Murphy Cc: Mark Foster; nznog(a)list.waikato.ac.nz Subject: Re: [nznog] SPF Mail rejection On Thu, 22 Jul 2010 at 10:02:07 +0000, Regan Murphy wrote:
At this stage I only use SPF on inbound to increase an overall spam score - not block it outright.
The best thing about having SPF records for my domain and using SPF to block outright is stopping the significant number of bots that use addresses from my domain as mail-from as well as recipient. A quick couple of greps tells me this is about 10% of all inbound SMTP connections to my mail server, which means 10% less load on dspam and delivery. This may just be a luxury of having a vanity domain due to consequences that I haven't thought of but it works well for me. Nigel