Hi, I received an email from ncua.gov sent through Zix that apparently was an SPF softfail. It also hit FROM_GOV_SPOOF. I wanted to see if the two were related, or what the reason was for this email hitting so many spam rules.
meta FROM_GOV_SPOOF !__NOT_SPOOFED && __FROM_ADDRLIST_GOV && (! NO_RELAYS && ! ALL_TRUSTED) tflags FROM_GOV_SPOOF net publish describe FROM_GOV_SPOOF From Government domain but matches SPOOFED Why is there a SPF softfail with Zix? Certainly it's possible there just so happened to be a DNS problem at that time, but just wanted to be sure something else wasn't happening - I don't want to wait until an email is rejected from this sender before doing something about it. X-Spam-Status: No, score=3.449 tagged_above=-200 required=5 tests=[BAYES_05=-0.5, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, DMARC_NONE=0.1, FORGED_SPF_HELO=1, FROM_GOV_SPOOF=1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, KAM_DMARC_NONE=0.25, KAM_DMARC_STATUS=0.01, KAM_EVIL_NUMBERS4=1, KAM_LOTSOFHASH=0.25, LOC_CDIS_INLINE=0.1, RCVD_IN_DNSWL_LOW=-0.7, RELAYCOUNTRY_LOW=0.1, RELAYCOUNTRY_US=0.01, SPF_HELO_PASS=-0.001, SPF_SOFTFAIL=0.665, TXREP=-0.177, T_KAM_HTML_FONT_INVALID=0.01] autolearn=disabled https://pastebin.com/8sSqYh9u