
Input Plesk Email Security - treatment of SPF softfail

TomBoB

Regular Pleskian
Server operating system version
almalinux 8.8
Plesk version and microupdate number
18.0.53
Hi all, asking for input / opinions about the behaviour of SPF softfail in Plesk Email Security, and a possible slight change/adjustment in its behaviour.

Scenario: all our servers use PES. DMARC, DKIM, SPF enabled. SPF is set to "reject mails when SPF resolves to fail (deny)". Didn't choose softfail as that can cause issues when emails are being forwarded.

Just received a mail with SPF status "softfail". It is an obvious spam/phishing mail. Which is what got me thinking again.

Here is the question / suggestion for discussion:
When "reject mails when SPF resolves to fail (deny)" is chosen, currently mails with softfail are just being processed normally and put into the inbox. Which is the standard procedure.
But wouldn't it be a more fitting option under that setup that softfail mails are being put into spam (or to have a choice between standard procedure and "put into spam")?

As per the commonly thought definition that softfail means that an email is probably not authorized to be sent [in contrast to a hardfail where it definitely isn't authorised, and a neutral/pass one].

I'm aware it is a fine line to pick in a server setup - to not create/label too many mails falsely as spam, while still catching most spam.
I'm also aware that the above behaviour/option is likely outside any RFC, but (at least in my opinion) it would be a good enhancement of PES's spam treatment.

[Background: we operate in a corner of the planet where money is extremely tight. So choosing one of the big antispam offerings isn't an option. PES is affordable under the circumstances and works pretty well after we tweaked most SpamAssassin rules to what fits us and our clients best. But of course always looking to improve wherever possible]

Cheers,
Tom
 
As a workaround you can change the default score for the SPF softfail rule in SpamAssassin to a value that's higher than your spam threshold so that messages with soft failed SPF always are moved to the spam folder.

Code:
score SPF_SOFTFAIL 10
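
As an added example (not part of the thread, and not Plesk or SpamAssassin project code), this Python script checks whether a `score SPF_SOFTFAIL` override by itself reaches the spam threshold in each of SpamAssassin's four score sets. It assumes the threshold is set with `required_score` in the same configuration text; the sample config and the function names are constructed for illustration.

```python
# Constructed sample of a SpamAssassin local.cf; not taken from the thread.
SAMPLE_CF = """\
# site-wide settings
required_score 6.0
score SPF_FAIL 0 3.5 0 3.5
score SPF_SOFTFAIL 10   # workaround from the reply above
"""

DEFAULT_REQUIRED = 5.0  # SpamAssassin's default when required_score is unset
SCORE_SETS = ["no-bayes/no-net", "no-bayes/net", "bayes/no-net", "bayes/net"]


def parse(cf_text, rule="SPF_SOFTFAIL"):
    """Return (required_score, four scores for rule or None); last setting wins."""
    required, scores = DEFAULT_REQUIRED, None
    for raw in cf_text.splitlines():
        parts = raw.split("#", 1)[0].split()  # drop comments, tokenize
        if not parts:
            continue
        try:
            if parts[0] in ("required_score", "required_hits") and len(parts) == 2:
                required = float(parts[1])
            elif parts[0] == "score" and len(parts) in (3, 6) and parts[1] == rule:
                vals = [float(v) for v in parts[2:]]
                # One value applies to all four score sets; four are per-set.
                scores = vals * 4 if len(vals) == 1 else vals
        except ValueError:
            continue  # relative "(n)" scores and malformed lines are skipped
    return required, scores


def softfail_alone_is_spam(cf_text):
    """Map each score set to True if SPF_SOFTFAIL alone reaches the threshold."""
    required, scores = parse(cf_text)
    if scores is None:
        return None  # no override in this text; the shipped default applies
    return {name: s >= required for name, s in zip(SCORE_SETS, scores)}


if __name__ == "__main__":
    for score_set, hit in softfail_alone_is_spam(SAMPLE_CF).items():
        print(f"{score_set:16} -> {'spam' if hit else 'below threshold'}")
```

A four-value score line with zeros in the non-network positions leaves the rule inactive in those score sets, which the per-set result makes visible.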
 