Auteur: Graeme Fowler Datum: Aan: exim users Onderwerp: Re: [exim] SPF feature would be more useful if
On Mon, 2010-07-19 at 08:19 -0700, Marc Perkel wrote: > Although received headers can be forged, it is unlikely most spammers
> would do so Spammers would have to make SPF calls to do the forgery and
> that would be to expensive bandwidth wise. What I'm thinking is
> preventing false positives due to email forwarding.
You are Miss De Point and I claim my five pounds :)
Received headers are routinely forged in spam. It costs the spammer
nothing. It would cost you a lot to test against them.
The *only* Received: header you should trust is that added by your own
MTA.
It's also worth saying that in SPF terms "false positives due to email
forwarding" aren't false positives at all, they are messages which do
not adhere to the published policy. That's the sender's problem, not
yours (as the "recipient").
If you're going to do this sort of check (which is ignoring the sending
domain's published policy), why bother doing SPF checks at all?