Check 'MIME From' and SMTP 'MAIL FROM' against SPF

John Wilcock john at
Tue Sep 15 14:56:58 UTC 2015

Le 15/09/2015 16:46, Mark Sapiro a écrit :
> The short answer is No. SPF is designed to work with the domain of the
> envelope sender (SMTP MAIL FROM address). It pays no attention to the
> address in any From: header.

The slightly longer answer is that this is an essential feature of SPF.

For a start, mailing list messages would fail SPF tests if you looked at 
the "From:" header. Likewise, legitimate opt-in commercial e-mail is 
often sent out via third parties, and it is not generally considered 
practical to add the third party servers to a domain's SPF records.

While it would no doubt be possible write some code to conduct SPF tests 
against the From: header, there would be an awful lot of false positives...


More information about the MailScanner mailing list