I've noticed a problem. We receive a few legit mails that has travelled
through a forwarder. That causes some problems for the SPF check.
Since the mail claiming to be from hotmail clearly doesn't arrive directly
from one of the machines listed in hotmail's spf record, the SPF_SOFTFAIL
kicks in another 1.4 points.
What can I do to prevent this from happening?
What you've described is the basic problem with SPF. It works fine as long
as things don't get forwarded, or otherwise come form unauthorized sources -
like the salesman closing a deal down at the corner wireless hotspot and
sending the deal in directly from his laptop.
There are only three things you can do if this is causing you a problem:
1 Disable SPF checks
2 Reduce the score on some or all of the SPF checks
3 Whitelist or otherwise provide a positive adjustment for specific senders.
None of those are particularly attractive things to do. However, you might
have to do one of them.
Now, there is another consideration. The SPF check is only adding 1.4
points. If your limit is the default 5 points, then you need to hit a few
other rules before the mail becomes a spam. If you have taken the threshold
down to something like 2.0 - well, there's your problem. The SPF rules (and
all the rules) were scored for a threshold of 5 points. If you are using a
lower threshold you should reduce all of the rule scores proportionally.
Since that is a big job, it is simpler to just leave the threshold at 5.
Loren
