Check 'MIME From' and SMTP 'MAIL FROM' against SPF
John Wilcock
john at tradoc.fr
Tue Sep 15 14:56:58 UTC 2015
Le 15/09/2015 16:46, Mark Sapiro a écrit :
> The short answer is No. SPF is designed to work with the domain of the
> envelope sender (SMTP MAIL FROM address). It pays no attention to the
> address in any From: header.
The slightly longer answer is that this is an essential feature of SPF.
For a start, mailing list messages would fail SPF tests if you looked at
the "From:" header. Likewise, legitimate opt-in commercial e-mail is
often sent out via third parties, and it is not generally considered
practical to add the third party servers to a domain's SPF records.
While it would no doubt be possible write some code to conduct SPF tests
against the From: header, there would be an awful lot of false positives...
FWIW.
--
John
More information about the MailScanner
mailing list