On 2014-01-22 19:04, Michael Monnerie wrote:
Can we check this?
basics first: http:// can be forgedhttps:// can be forged but will make warn in browsers if there is another http:// url
spf have nothing to do with urls, that on place, all we can do is to make https:// the only url there is, if there is more then this single one then its forged and might be a phishing attempt
so next it just how to make such a rule in spamassassin
