Currently, the most widespread use of SPF is to whitelist domains,
that are known to ensure, that viruses, worms and spam don't come
from their mailservers.
Nobody can *ensure* that. Today most mail worms will forge the From:
address, so any method that allows you do reject a mail message because
of a discrepancy between the headers and where it really originates will
block those worms.
However....
There is nothing that prevents a worm from determining the "true" user and
domain of an infected machine, and then mail itself, looking just like any
other mail from that machine/user. SPF will be powerless in that case, but
then again...it is not designed to stop something like that.
--
Fridrik Skulason Frisk Software International phone: +354-540-7400
Author of F-PROT E-mail: frisk(_at_)f-prot(_dot_)com fax:
+354-540-7401