Google inspects Received headers and checks SPF for each ignoring those
showing an RFC-1918 address, any of which failing means a pretty good
chance the message will be given the SPAM tag, i.e., SPF is checked not
just for the connected peer. So a message originated at 192.168.1.101
and relayed via 192.0.0.x with SPF saying that only 192.0.0.0/24 is an
authorized sender then all is well, but if it had originated at 1.2.3.4
Google would judge that it fails SPF and very likely be given a SPAM
tag. (Repeated more RFC-ishly at bottom)
More specifically if the message originated at internal.apple.com at
17.x.x.x then was relayed via the ESP at 192.0.2.x with SPF saying that
only 192.0.2.0/24 is an authorized sender of the FROM FQDN Google would
likely tag it SPAM because of the first Received header.
Given an SPF of "v=spf1 ip4:192.0.0.25 ~all".
Okay:
Received: from ([192.0.0.25]) by Google
Received: from ([192.168.1.101]) by myserver
Fail:
Received: from ([192.0.0.25]) by Google
Received: from ([1.2.3.4]) by myserver
/mark
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
