On Wed, Mar 17, 2004 at 08:45:18PM -0000, Lyndon Eaton wrote:
I use this with my C/R software to provide an envelope MAIL
FROM: which
will be valid for only 14 days, for bounces to go to. Then
my Reply-to:
is an address which is only valid for 30 days for the person to reply
to. The From: is just my plain vanilla address because it
looks nicer
than cryptographic cookies, etc, and it can still be typed in
by people
to contact me.
Maybe you missed my point slightly, what I was not trying to say is "if
the MAIL FROM and From dont match the email is spam". But an email that
joe blogs types in Outlook would have the same MAIL FROM and From:
fields. So the majority of geniune emails (not all!) will have the same
MAIL FROM and From.
Correction... What about me who I have my client munge the From:
header but the return path is handled by the MSP/MTA when it is sent and
generally has my actual account name address in there. They don't match
but it's also not spam, but would be given your broad stroke assumption.
Besides the fact that the From: header can't be read until the
headers after the MAIL FROM has already been seen. If the MAIL FROM is
obviously bogus then why even waste the resources of going any further
with the process?
Like a mailing list, you would create SPF records for the domain you
choose to use in your MAIL FROM.
The cant think of a reason why somebody would need to check the SPF
against the From field - maybe somebody is about to tell me? :)
Lyndon
Regards,
Jeremy T. Bouse