I'm reasonably certain that this is my own mistake, but I need help tracking down what I've done wrong.
I have postfix/amavisd (and other software components) in a mail relay role, sitting between an Exchange server and the Internet. All email coming in from the Internet and all email heading out towards the Internet passes through this installation. We have SPF information on in our DNS. I *thought* I had everything set up so it would check SPF records on any message coming in from the Internet, but one of our executives received a spam email that had another of our executives as the "From" address. At the very least, I would hope that this would result in some kind of info (spamassassin score increase, an added header, subject modification, etc) to indicate that SPF was violated, but there was nothing. Looking at the headers, it definitely came from the Internet. The postfix version is 2.11.0-1ubuntu1, amavisd is version 1:2.7.1-2ubuntu3. All the software is installed using distro packages in Ubuntu 14. Can I get help with this problem here? If so, what information do I need to include? Thanks, Shawn
