SPF (Sender Policy Framework) is a cool way of protecting a domain against fraud. We publish SPF records to say where our mails rightfully originate from. This adds another way for people to whitelist a particular domain.
Also, beyond the great help that the fallback MXs can give a domain, there are a few holes that make them vulnerable to spam which pretends to be destined for the primary MX but contacts secondary MX relay. The unsuspecting secondary MX will accept this and forward to the primary. This is how impersonating spam mails happen.
SPF check on self and other domains resolves this smoothly.
When someone tries to use the above technique from a non-SPF relay for the domain, (s)he will be politely told before the conclusion of the SMTP session that the dialog can not progress as SPF says it is not proper.
Good riddance thanks to postfix and its policy daemon. 
No user commented in " SPF and impersonation "
Follow-up comment rss or Leave a Trackback