The Zoho configuration is clear that we should all have SPF records so the email we send can be validated and not rejected as suspicious. Understood.
But is Zoho checking incoming SPF records from OTHER senders ?
I ask this because I'm getting some emails that APPEAR to be from an actual person I know, but when I looked more deeply to the email IP information, its clear its not really sent from their SMTP server, but rather FLIPORA, which most people regard as Malware. It would seem to me that Zoho should be checking the SPF record and rejecting the email. Is this being done ? A quick Google search of FLIPORA shows this is basically malware and phony email.