I'll try to explain the general situation:
Traditionally there has been no way of knowing which mail servers are expected (or allowed) to send mail with a specific domain name in the sender address.
As hosted mail solutions are (and have been) quite common, I wouldn't consider matching the domain name in the sender address to the claimed hostname or reverse DNS record of the sending mail server to be a particularly good metric for spaminess.
Enter SPF. With SPF the owner of a domain name can add a special record in DNS which explicitly states which mail servers are allowed to deliver mail from addresses in that domain. Receiving mail servers can just look up the SPF record of the domain used in the address of the sender and if there is one, they can then verify that the sending mail server is listed as allowed to send mail for that domain.
However, SPF is normally used for verifying the envelope sender address (MAIL FROM during SMTP communication) rather than the mail header From address (displayed by the Mail User Agent).
The EPiServer Mail service sends mail with an envelope sender address somewhere in the *.episervermail.episerver.com domain (so that any bounces can be collected by the service rather than arriving in the inbox of the sender), while the header From address is specified by the EPiServer Mail user, so normally SPF is not actually an issue in the first place.
In cases where SPF turns out to be an issue or if you just want to guard against any potential issue that may arise there is a simple solution available: we maintain an SPF record containing a list of IP addresses used by the EPiServer Mail service for delivering mail, so a customer can use the "include" directive in their own SPF record to add our record as part of their own (see http://world.episerver.com/Documentation/Items/Installation-Instructions/EPiServer-Mail1/Installation-Instructions---EPiServer-Mail-441/ for details).
Eg, an existing record "v=spf1 mx ip4:126.96.36.199 -all" would be changed to "v=spf1 mx ip4:188.8.131.52 include:_cluster1.episervermail.episerver.com -all".
The customer's technicians had this as a big issue. I get what you're saying about the MAIL FROM, so that would make this a non-issue, but if there would be a problem we can look at the SPF record.
Thank's again for a quick and insightful response!
Hi, another question: How is spam filtering caused by missmatches on sender's domain and sender's IP handled? It's the EPiServer service that sends the mail, but the from address typically contains the sender's domain. When the mail client sees that the sender's domain doesn't match the sender's domain it could concider the mail as spam. Is that handled in any way?