Lloyd Zusman writes:
And here's some new data: the same sender has recently sent identical email to another address on my server. And although SPF fails, the messages get properly sent to the courierfilter instead of being rejected. HOWEVER, this 417/517 rejection continues to occur when the messages are sent to the original recipient.So, what's the difference between the two recipient accounts? Recipient account 1: - SPF fails - Message gets sent to courierfilter - Account has no local maildrop rules Recpient account 2: - SPF fails in the same way - Message does not get sent to courierfilter, but gets rejected with a 417 or 517 error, depending on the setting of BOFHSPFHARDERROR - Account has local maildrop rules which automatically cause messages from this sender to be whitelisted
This has no effect on SPF. If a message fails SPF checking, it gets rejected. "Whitelisting", in the context of localmailfilter, only affects content filtering. It does not affect SPF.
All messages, whether their content is whitelisted from content-filtering or not, must still pass SPF checking.
The only kind of "whitelisting" that applies to SPF checking is the BOFHSPFTRUSTME setting, which exempts senders with relaying privileges from SPF checking.
pgpjD144K0Ze2.pgp
Description: PGP signature
