Where an email comes from is one of the principal criteria used in trying to block spam from reaching its targets. Sometimes this is based on what mailserver is making the connection, as some servers are known for delivering large quantities of spam and thus get "blacklisted," but a lot of spam travels through legitimate mailservers which shouldn't be blocked. Thus the sender, as recorded in the headers, is frequently used as a basis for refusing email. If the sender is an address within a domain known for sending out spam, the email is refused by the recipient's mailserver.

Spammers get around this kind of measure by simply faking what email address the message was sent from. Since the "from" and "reply-to" fields are simply text added to the headers by the email program the message is sent through, it is easy for a spammer to misrepresent where the email is sent from. This practice is known as spoofing or forging headers, and is sometimes called a "Joe Job." This makes it difficult for a machine to tell which emails to block and which to let through.

The other problem this spamming practice creates is that the spam looks like it originates from a domain not involved in spamming in any way. This results in spam complaints against innocent parties and can create a great deal of trouble for the owners of the faked domain names.

The SPF protocol provides a way to put a stop to this kind of deceit.