2 - spf check
Once the message passes the “sender check” (see the overview),
we must be sure that the sender address has not been spoofed*.
* = make the message appear from someone other than the actual source
SPF authentication helps us identifying if the message has been sent through an authorized server.
The envelope sender’s domain contains this information, that is in a safe place, outside the email message.
SpamStop will add a subject prefix, only if the message has not been authenticated correctly:
:: spf-none :: if the sender domain contains no information to authenticate the email :: spf-softfail :: if the smtp server is not listed among the authorized ones but this case should be treated as a "softfail" :: spf-fail :: if the smtp server is not listed among the authorized ones and the email should be rejected or discarded
Sometimes the information recorded at domain level is not correct/understandable.
:: spf-permerror :: if a permanent error has occured (eg. badly formatted SPF record)
SPF check is made against the “envelope sender” email address. In this case the recipient may see another “from” address.
:: spf-diff :: if the "envelope sender" and the "from" addresses are different