On 7/15/2015 4:37 PM, Bowie Bailey wrote:
staplesbilling.com actually uses DKIM, but it always comes up as
invalid by the time SA sees it, so that isn't particularly useful. I
managed to get my MTA to add a Received-SPF header, but SA ignores it
- presumably because the MTA puts it at the bottom of the headers
rather than inline with the Received headers.
Why doesn't SA check SPF for the From header? Isn't the whole point
of SPF to be able to link the From address to a list of servers
allowed to send mail from that address?
http://www.openspf.org/Introduction
SPF protects the envelope sender address and this page will discuss
other solutions that protect the header sender address.
Regards,
KAM
