From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from b-painless.mh.aa.net.uk ([81.187.30.52]) by ur; Sat Feb 11 17:34:44 EST 2017 Received: from 10.190.187.81.in-addr.arpa ([81.187.190.10] helo=quintile.net) by b-painless.mh.aa.net.uk with esmtp (Exim 4.84_2) (envelope-from ) id 1ccgFI-0002JV-6N for 9front@9front.org; Sat, 11 Feb 2017 22:34:20 +0000 Received: from [192.168.1.103] ([81.187.190.10]) by quintile.net; Sat Feb 11 22:34:17 GMT 2017 From: Steve Simon Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (1.0) Date: Sat, 11 Feb 2017 22:34:16 +0000 Subject: Re: [9front] nupas spf checker: outdated ip bans Message-Id: <1EF86914-E2E8-4603-814E-DF6BC30B429A@quintile.net> References: <20170211212334.GF18221@wopr> In-Reply-To: <20170211212334.GF18221@wopr> To: 9front@9front.org X-Mailer: iPhone Mail (14C92) List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: information session-aware SQL over SQL STM-aware replication singleton hi, i agree SPF is (sadly) no longer much use. i still run a plan 9 mail server. my main source of spam is French virtual h= osts which appear in distinct up blocks. i use ratfs(1) to block cidr ranges= to keep them at bay. i also added code to ratfs to add a reverse ip address database. this suppor= ts regex so i can easily block reverse address ranges - i use tho block mail= from dialup and adsl addresses. code available to the interested. -Steve > On 11 Feb 2017, at 21:23, Kurt H Maier wrote: >=20 >> On Sat, Feb 11, 2017 at 08:42:34PM +0100, Julius Schmidt wrote: >> on second thought, the whole cidrokay() check should go away, i.e. i=20 >> propose we replace cidrokay() with "return 1;" >=20 > I support this. >=20 >> - disallow any email from the ranges >=20 > Among other things, why is the SPF checker screwing around with IP > ranges to start with? I am assuming it was just a convenient place to > put these tests, but regardless, the tests are dated and arguably > useless anyway. >=20 > khm