There are lots of webservices out there that sends mail with spoofed >From addresses.
This messages are not spam. Usually, the common practice is to have the MAIL FROM (envelope) with the real address from the server and the From with the service desired from address. So that the receiver gets the message with a From address from another user (of the service) that generated the mesage. In this cases, I can whitelist based on the Mail From. The problem is that some services like MSN Live Messenger uses the spoofed address in both From: field and Mail From. So, how to get around this? I can whitelist because there is no single address that can vaidate the message as from MLM. Sure I can write some rules to catch this specific behaviour, but is this legal (legal in RFC sense I mean)? The last message I got was with an yahoo.com.br, if yahoo used spf instead of dk, the message would even be blocked, so whats the point of doing this? (btw, cant dkim have sending hosts specifieds like spf?) -Raul Dias