SPF check with empty FROM

Question

Hello, today we received a spoofed sender email which is strange since we have a proper SPF record in place. 
 Upon inspection I noticed the "From" header value was base64 encoded. Could it be that the SEA does not properly check the SPF record if the sender email is base64 encoded? 
 
 Thanks

Red_Warrior · Answer

SPF will only help against an MTA connection, not the DATA From. In terms of spam, most spammers will generate their own valid spf records because it's literally 1 line in a shell. 
 I would have a look at this kb . adding you domain to the hosts would stop someone from sending mail to yourself from your own server.. and adding your domain to the senders tab as discribed will drop mail that originates with a public ip with a DATA from of your domain. 
 The only thing to really consider is if you have a legitimate company spoofing mailings on your behalf that mails to your domain. IE mail chimp or other bulk mailers. 
 https://community.sophos.com/kb/en-us/118845