On Mon, 2010-07-19 at 08:19 -0700, Marc Perkel wrote: > Although received headers can be forged, it is unlikely most spammers > would do so Spammers would have to make SPF calls to do the forgery and > that would be to expensive bandwidth wise. What I'm thinking is > preventing false positives due to email forwarding.
You are Miss De Point and I claim my five pounds :) Received headers are routinely forged in spam. It costs the spammer nothing. It would cost you a lot to test against them. The *only* Received: header you should trust is that added by your own MTA. It's also worth saying that in SPF terms "false positives due to email forwarding" aren't false positives at all, they are messages which do not adhere to the published policy. That's the sender's problem, not yours (as the "recipient"). If you're going to do this sort of check (which is ignoring the sending domain's published policy), why bother doing SPF checks at all? Graeme -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
