> That doesn't make sense. Maybe I am misunderstanding this. From openspf.org: > > What does SPF actually DO? > > Suppose a spammer forges a hotmail.com address and tries to spam you. > > They connect from somewhere other than Hotmail. > > When his message is sent, you see MAIL FROM: <[EMAIL PROTECTED]>, > but you don't have to take his word for it. You can ask Hotmail if the IP > address comes from their network.
The MTA never really sees whats in the headers. It only adds to the headers. When an SMTP connection first begins the connecting MTA says helo this [EMAIL PROTECTED] Thats what SPF looks at. The MTA then adds that as the return path to the headers. >>Return-path: <[EMAIL PROTECTED]> That return path looks flaky. I would think spamassassin would have some way of since its not a valid domain consider it suspect. Not sure though. Matt
