exim4:validating_spf
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| exim4:validating_spf [2016/11/30 10:56] – peter | exim4:validating_spf [2020/07/15 09:30] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 10: | Line 10: | ||
| <WRAP notice> | <WRAP notice> | ||
| - | This needs the exim4-daemon-heavy package installed, and not the light variants of exim. | + | **NOTE**: |
| </ | </ | ||
| Line 93: | Line 93: | ||
| * **7** = error on parsing SPF record(s); functionally equivalent to 5 | * **7** = error on parsing SPF record(s); functionally equivalent to 5 | ||
| - | Now what's really interesting from the practical point of view is the third option, which requires the -all flag to be set in SPF rule. Not many domains have this in fact. | + | Now what's really interesting from the practical point of view is the third option, which requires the **-all** flag to be set in SPF rule. Not many domains have this in fact. |
| <WRAP caution> | <WRAP caution> | ||
| - | Having analysed many logs to check how effecient this is in stopping spam, shows that SPF is unfortunately very inefficient way to filter incoming mail, even for botnet spam which is rather simple to filter out by other means. | + | **CAUTION**: |
| Due to bad design of the protocol each SPF query may require several DNS queries (the spfquery tool has default limit of 10). On busy servers that's a lot. Server receiving 10 mails per second may potentially generate 50-100 additional DNS queries per second. | Due to bad design of the protocol each SPF query may require several DNS queries (the spfquery tool has default limit of 10). On busy servers that's a lot. Server receiving 10 mails per second may potentially generate 50-100 additional DNS queries per second. | ||
exim4/validating_spf.1480503367.txt.gz · Last modified: 2020/07/15 09:30 (external edit)