Finally got round to implementing SPF (Sender Policy Framework for the uninitiated) on the mail server. This should hopefully cut down on the recent bursts of “backscatter” from spam. I am also planning on adding SPF records for the main Demon account, as that was badly hit with backscatter from MyDoom.A way back, and may well suffer again!

For information on SPF, check out this site.

Adding SPF checks to SpamAssassin was absolutely trivial – install the Mail::SPF::Query Perl module! In the case of this server it was just a quick apt-get away (gotta love Debian).

Just as a quick note: I have seen many sites claiming that SPF doesn’t work as it should to prevent spam. In response to those claims, I would suggest that people actually check what it does claim. It merely helps prevent “spoofing”, nothing else, and if used correctly, does work (in my case, spoofed messages have a raised SA score, and are more likely to go into the spam-bucket). End result is no lost mail, and as I know which hosts send mail for the domain, less backscatter (if others use SPF sanely!)