In <01a601c58e9b$a2809ce0$6401a8c0(_at_)hdev1> "Hector Santos"
<spf-discuss(_at_)winserver(_dot_)com> writes:
draft-schlitt-spf-classic-02 makes a reference to the possibility of having
multiple Received-SPF records.
What are the typical reasons why there might be multiple Received-SPF
headers?
Scott gave a pointer to a thread that discusses at least one case, I
didn't read all of the thread so I don't know if any other cases were
mentioned. Anyway, off the top of my head, I can think of:
* MTAs checking the outbound to make sure their customers aren't
forging emails (Scott's case)
* Mail that gets sent through a forwarder or mailing list and the
forwader/list checks SPF.
* Spammers/phishers who think that by putting a Received-SPF header in
their email, that they will fool people.
If so, how should it be handled? Which one prevails, which one is show to
users, if done?
Only the last one added (top most header)?
I would say that only the top most header should be displayed, and
only if you know that it was added by a trusted MTA. Received-SPF:
headers are supposed to be trace headers like Received: headers.
-wayne