Local SPF Rules for spamassassin and plesk
Posted: Thu Mar 05, 2009 11:20 am
Note: I'm using the qmail-scanner-queue.pl setup that is popular here.
I've found that having local SPF rules can speed up SpamAssassin if you have configured Plesk to add SPF Headers.
We decided to be a bit draconian with our SPF policy, so in Plesk>Server>Mail we set SPF checking mode to "Reject mails when SPF resolves to fail." (Forwarders be damned!)
The issue:
I've found that having local SPF rules can speed up SpamAssassin if you have configured Plesk to add SPF Headers.
We decided to be a bit draconian with our SPF policy, so in Plesk>Server>Mail we set SPF checking mode to "Reject mails when SPF resolves to fail." (Forwarders be damned!)
The issue:
- Plesk performs a SPF check and adds a Received-SPF header. This is a remote DNS request.
SpamAssassin performs another remote DNS request for SPF, completely ignoring the already written header.
- Comment out "loadplugin Mail::SpamAssassin::Plugin::SPF" from /etc/mail/spamassassin/init.pre
Create some local rules in /etc/mail/spamassassin/local.cfRestart spamd (/etc/init.d/spamassassin restart)Code: Select all
report_safe 0 rewrite_header subject *****SPAM***** required_score 6.50 header LOCAL_SPF_PASS Received-SPF =~ /^pass/ header LOCAL_SPF_NEUTRAL Received-SPF =~ /^neutral/ header LOCAL_SPF_SOFTFAIL Received-SPF =~ /^softfail/ header LOCAL_SPF_FAIL Received-SPF =~ /^fail/ score LOCAL_SPF_PASS -0.001 score LOCAL_SPF_NEUTRAL 2.199 1.210 0.756 0.686 score LOCAL_SPF_SOFTFAIL 2.301 0.654 0.698 0.596 score LOCAL_SPF_FAIL 2.600 0.992 1.669 0.693