[Linux-aus] SPF problems too

Russell Coker russell at coker.com.au
Wed Mar 2 00:23:32 AEDT 2016 

On Mon, 29 Feb 2016 06:36:08 PM David Bell wrote:
> Because I'm finally making an attempt to catch up on email I thought I'd
> share my perspective as a moderator/admin of the mailing lists for LCA2016
> (and lca-announce) as well as a user of mailhost for normal email.
> 
> Following this thread the admin team disabled greylisting and SPF on
> mailhost which affects mail flow into LA's mailing lists (including LCA)
> and the various inboxes used by Council, the Admin Team, and the LCA team
> (among others). Whilst mail was delivered slightly quicker, the quantity of
> spam also increased notably.

Wouldn't it make more sense to have greylisting running on the addresses that 
aren't for subscriber-only lists?  When a list only allows subscribers to post 
it won't benefit from greylisting.

Regarding SPF, what needed to be done is to have the address published for the 
council not point to a system that forwarded mail without SRS to a server that 
enforces SPF checks.

> Based on these experiences (which I'd expect the other mailman
> moderators/admins, mailhost users would echo) I'd recommend the Admin Team
> enable greylisting and SPF once again. If configured well (as I believe it
> was previously) most users should barely notice a delay as repeat senders
> do not get greylisted again within certain time frames.

There was never any serious complaint about greylisting.  Complaints about it 
came as a side effect of the list queuing issue that was delaying mail, 
greylisting got blamed for what was mostly not related to it.

SPF was never configured well.  When a server receives mail from a basic 
forwarding system that doesn't do SRS it has to be configured to whitelist that 
server.  The fact that I can now send mail to the advertised address for the 
council without it bouncing is an improvement.  But it would be better if SPF 
was configured correctly.

We currently have a problem of needless spam with James Purser's address in 
the From: field which can be simply fixed by enforcing SPF.  While that spam is 
a small portion of the spam that everyone here receives it's something that 
can be simply solved.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/

More information about the linux-aus mailing list