I'm trying to understand how SPF and DKIM can be used to prevent email spoofing. One of the things I find confusing is that the SDID/AUID of a DKIM-signed message can be different from both the envelope From and the header From.
For example:
Say I receive an email via `mailer.com` with an envelope From: `foo@bar.com`, a header From: `baz@noreply.com`, and the DKIM headers specifying an SDID (`d` tag) of `relay.com`.

- `bar.com` has an `spf` record including `mailer.com`, so `mailer.com` checks out
- `relay.com` has a DKIM record which verifies the signatures in the DKIM header, but...

How do I know `relay.com` can be trusted for emails from `bar.com`? Does `bar.com` need to include `relay.com` in their `spf` records?
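The scenario in the question, run through the identifier-alignment rule that DMARC (RFC 7489) layers on top of SPF and DKIM: SPF's authenticated domain is the envelope-From (RFC5321.MailFrom) domain, DKIM's is the `d=` tag, and DMARC only counts a mechanism as passing if that domain is aligned with the header From (RFC5322.From) domain, exactly or at the organizational-domain level. This is an added teaching example, not code from the question or from any mail library; the organizational-domain helper is a deliberate simplification (last two DNS labels, where real implementations use the Public Suffix List), and `relay.noreply.com` in the second case is a constructed value.

```python
"""DMARC identifier alignment applied to the question's SPF/DKIM scenario.

Added example, not from the original post. The SPF and DKIM verdicts are
taken as inputs (assumed already computed by an SPF/DKIM verifier); this
code only decides whether each verdict is *aligned* with the header From.
"""
from dataclasses import dataclass
from typing import Dict, Optional


def organizational_domain(domain: str) -> str:
    """Simplified organizational domain: the last two labels.

    Assumption/simplification: RFC 7489 derives this from the Public
    Suffix List, so e.g. 'example.co.uk' would be handled wrongly here.
    """
    labels = domain.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def aligned(identifier_domain: str, header_from_domain: str, mode: str) -> bool:
    """Strict alignment = exact match; relaxed = same organizational domain."""
    a, b = identifier_domain.lower(), header_from_domain.lower()
    if mode == "strict":
        return a == b
    return organizational_domain(a) == organizational_domain(b)


def domain_of(address: str) -> str:
    return address.rsplit("@", 1)[-1]


@dataclass
class AuthResults:
    header_from: str          # RFC5322.From, what the recipient sees
    envelope_from: str        # RFC5321.MailFrom, what SPF is evaluated against
    spf_pass: bool            # SPF verdict for the connecting MTA (assumed input)
    dkim_d: Optional[str]     # d= tag (SDID) of a verified signature, if any
    dkim_pass: bool           # DKIM signature verified cryptographically


def dmarc_evaluate(r: AuthResults, spf_mode: str = "relaxed",
                   dkim_mode: str = "relaxed") -> Dict[str, bool]:
    """DMARC passes if at least one mechanism both passes AND is aligned."""
    hf = domain_of(r.header_from)
    spf_aligned = r.spf_pass and aligned(domain_of(r.envelope_from), hf, spf_mode)
    dkim_aligned = (r.dkim_pass and r.dkim_d is not None
                    and aligned(r.dkim_d, hf, dkim_mode))
    return {
        "spf_aligned": spf_aligned,
        "dkim_aligned": dkim_aligned,
        "dmarc_pass": spf_aligned or dkim_aligned,
    }


# Case 1: the question's values. SPF checks out for bar.com and relay.com's
# DKIM signature verifies, yet neither identifier matches noreply.com.
QUESTION_CASE = AuthResults(
    header_from="baz@noreply.com",
    envelope_from="foo@bar.com",
    spf_pass=True,
    dkim_d="relay.com",
    dkim_pass=True,
)

# Case 2 (constructed): the relay signs with a subdomain of the header From
# domain. Relaxed alignment accepts it; strict alignment does not.
SUBDOMAIN_CASE = AuthResults(
    header_from="baz@noreply.com",
    envelope_from="foo@bar.com",
    spf_pass=True,
    dkim_d="relay.noreply.com",
    dkim_pass=True,
)

if __name__ == "__main__":
    print("question case      :", dmarc_evaluate(QUESTION_CASE))
    print("subdomain, relaxed :", dmarc_evaluate(SUBDOMAIN_CASE))
    print("subdomain, strict  :", dmarc_evaluate(SUBDOMAIN_CASE, dkim_mode="strict"))
```

The point the example makes: an SPF pass for `bar.com` and a valid DKIM signature from `relay.com` are each true statements about the message, but alignment is what connects either of them to the `noreply.com` the recipient actually sees, so a receiver checking alignment treats the question's message as unauthenticated for the header From domain.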