Ramprasad wrote: > Hi, > I am using SA 3.1.1 as a module in MailScanner. > I am not able to get whitelist_from_spf working. > > In my local.cf I have > > ifplugin Mail::SpamAssassin::Plugin::SPF > whitelist_from_spf [EMAIL PROTECTED] > endif > > A mail from a SPF allowed IP is scored SPF_HELO_PASS ( evidently spf > checks are working ), but no USER_IN_SPF_WHITELIST > > why, do I have to do anything else ?? > You need to have a SPF_PASS, not a SPF_HELO_PASS.
SPF_HELO_PASS means the claimed hostname in the HELO sent to the server would pass SPF. SPF_PASS means the actual host (based on IP address) passed SPF. Only the second one is any kind of real pass. The first one can be trivially forged, and unless it fires with SPF_PASS, you may as well consider the email forged. Check your SPF records and your Received: headers more closely, apparently there's something preventing SPF from matching here.
