Before my actual question, here's a little background. Right now, I see how
pointless SPF is; few domains publish records, even fewer MTAs running in
the wild use SPF to accept/reject mail. When I look at the SPF scoring on my
server (where I'm running an SPF milter for Sendmail), most of the mail with
neutral SPF answers was sent from servers that should in no way be
authorized to send mail for the domain. So, it got me thinking...
Shouldn't mail be sent through the MX for a domain?
Yes, I know MX records are for receiving mail, but in common practice the
servers they represent do double duty, both receiving mail from the outside
world and allowing users to send mail as well. Somewhere in the Received:
headers, it seems like you would see one of the MXes as a sender on most
legitimate messages. I'm sure someone's had this idea before (it's so
obvious that I can't believe that they wouldn't), but there must be some
reason it's not used as a flag for incoming spam. I've been thinking about
investing some time into writing a SpamAssassin plugin that would check the
Received headers for signs of an MX for the sender, but would I be wasting
my time?
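
The check proposed above, sketched as an added example (not code from the post, and not a SpamAssassin plugin): it looks for one of the sender domain's MX hosts among the relays named in the Received: headers, and includes a legitimate message sent through a separate outbound relay, which the heuristic misclassifies. The MX table, host names and messages are constructed, and using the From: header domain rather than the envelope sender is an assumption.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed MX data standing in for live DNS MX lookups (assumption).
MX_TABLE = {
    "example.org": {"mx1.example.org", "mx2.example.org"},
    "example.net": {"inbound.example.net"},
}

# Host names in the "from" and "by" clauses of a Received: header.
HOST_RE = re.compile(r"\b(?:from|by)\s+([A-Za-z0-9.-]+\.[A-Za-z]{2,})", re.I)

def relay_hosts(msg):
    """Return every relay host name that appears in the Received: headers."""
    hosts = set()
    for value in msg.get_all("Received", []):
        hosts.update(h.lower().rstrip(".") for h in HOST_RE.findall(value))
    return hosts

def passed_through_mx(raw, mx_table=MX_TABLE):
    """True/False if a sender MX is in the relay path; None without MX data."""
    msg = message_from_string(raw)
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    mx_hosts = mx_table.get(domain)
    if not mx_hosts:
        return None
    return bool(relay_hosts(msg) & mx_hosts)

# Constructed sample: the domain's MX also relays outbound mail.
VIA_MX = """\
Received: from mx1.example.org (mx1.example.org [192.0.2.10])
\tby mail.receiver.test with ESMTP; Mon, 1 Jan 2024 10:00:00 +0000
Received: from desktop.lan (unknown [10.0.0.5])
\tby mx1.example.org with ESMTPA; Mon, 1 Jan 2024 09:59:58 +0000
From: alice@example.org

body
"""

# Constructed sample: legitimate mail, but outbound and inbound hosts differ.
VIA_OUTBOUND = """\
Received: from outbound.example.net (outbound.example.net [192.0.2.20])
\tby mail.receiver.test with ESMTP; Mon, 1 Jan 2024 11:00:00 +0000
From: bob@example.net

body
"""
```

Only the Received: line written by the receiving server itself is verified; every line below it is supplied by the sending side.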