May be to give some background and from there please apply what works best for you.
Linkedin do DMARC.org, this means all the emails sent from Linkedin infrastructure will pass SPF (be with the mailfrom or helo strings) and be DKIM signed. Furthermore the domain present in all the strings will be aligned. Beware, MTAs on the way may change some of these characteristics. https://dmarcian.com/dmarc-inspector/linkedin.com http://engineering.linkedin.com/email/dmarc-new-tool-detect-genuine-emails There has been talk to do a DMARC like rule in spamassassin. I certainly would prefer people use the openDMARC milter, but I understand a spamassassin rule could be easier/faster to deploy. http://sourceforge.net/projects/opendmarc/ http://www.trusteddomain.org/opendmarc.html The above is my personal advice.
signature.asc
Description: Message signed with OpenPGP using GPGMail