Posted to users@spamassassin.apache.org by Jason Haar <jh...@trimble.co.nz> on 2004/11/22 10:01:52 UTC

SPF and envelope vs From:

I just got some eBay phishing scam e-mail, and SA failed to notice that 
this mail wasn't generated according to eBay's SPF policy.

Why? Because the envelope "mail from" information referred to 
"Return-Path: homeservers@aplus.net" - a (forged) address that has 
nothing to do with eBay. They (aplus.net) don't have an SPF policy, so SA 
couldn't "up" a score based on SPF.

Isn't there a bit of a problem with SPF in this account? I understand 
from a MACHINE perspective, the envelope information is "truth", but 
from a human perspective, the From: header is who the message is from...

Sounds like a pretty easy workaround for SPF. Doesn't this sort of kill the 
raison d'être of SPF?

Jason
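
The gap described in the post above, as an added example that is not part of the original message: SPF is evaluated against the envelope sender (Return-Path) domain, so a mismatch with the From: header domain has to be checked separately. The sample message, its From: address and the function names are constructed for illustration, and the subdomain match is a naive assumption (no public-suffix list).

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: Return-Path as quoted in the post; the From: address
# is a made-up stand-in for a forged eBay sender.
SAMPLE = """\
Return-Path: <homeservers@aplus.net>
From: "eBay Billing" <billing@ebay.com>
To: user@example.org
Subject: Update your account

(body omitted)
"""


def domain_of(header_value):
    """Return the lowercased domain of an address header, or None."""
    _, addr = parseaddr(header_value or "")
    if "@" not in addr:
        return None  # covers a missing header and the null sender <>
    return addr.rsplit("@", 1)[1].lower().rstrip(".")


def same_org(a, b):
    """Naive relaxed match: identical, or one is a subdomain of the other."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)


def check_alignment(raw_message):
    """Report which domain SPF evaluates and whether From: agrees with it."""
    msg = message_from_string(raw_message)
    envelope = domain_of(msg.get("Return-Path"))  # the identity SPF checks
    header = domain_of(msg.get("From"))           # what the reader sees
    if envelope is None:
        # Null sender (bounces): SPF falls back to the HELO name instead.
        verdict = "no-envelope-domain"
    elif header is None:
        verdict = "no-from-domain"
    elif same_org(envelope, header):
        verdict = "aligned"
    else:
        verdict = "mismatch"
    return {"spf_domain": envelope, "from_domain": header, "verdict": verdict}


if __name__ == "__main__":
    print(check_alignment(SAMPLE))
```
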