On 11/11/2017 07:31 PM, Stephan Herker wrote:
I'm running spam assassin default configuration which checks spf
records. In my case I received an email and it checked if the last
relay was a valid sender for SPF. The last relay was a server I have in
the cloud, so it failed SPF even though original sending server is on
senders SPF record. Should I disable SPF checks or is there a
configuration change I need to make?
Thanks
If you have a relay server in the cloud that you manage/control/trust,
it should be listed in your internal_networks and/or trusted_networks
(probably both). This will cause SA to look one hop back and should fix
a number of network-based checks like RBL checks in addition to the SPF
check.
https://wiki.apache.org/spamassassin/TrustPath
--
David Jones
