But that's not how SPF works. In SPF, the domain of the envelope header sender address is checked against that domain's sender policy. Since jdlabs.fr has no policy specified, a strict SPF policy at the NANOG server would have prevented this small issue. As for the utility of SPF, well. It's not comprehensive, no one I know would say that it is. But it's a bit of a stretch to say that has zero value. It would have prevented this latest bit of fun, which seems to have people upset, so there's *some* value. -Ian On Tue, Oct 27, 2015 at 8:40 AM, Jutta Zalud <ju@netzwerklabor.at> wrote:
Am 27.10.2015 13:09, schrieb Ian Smith: <snip> If it does (which I don't know), it will probably check the SPF record of the delivering mailserver, which was not *.jdlabs.fr as far as I can see from the mailheaders.
Jutta Zalud