Bill Cole skrev den 2024-05-09 14:22:
In fact, I can't think of any whitelist test that should pass if SPF
fails.
If you operate on the theory that a SPF failure is always a sign of
spam, you can make your SpamAssassin always trust SPF failures
absolutely. I would not recommend that. Some people screw up their SPF
records. Other people forward mail transparently, which reliably breaks
SPF. SPF is broken *by design* as a spam control tool AND as a mail
authentication tool. We knew this 20 years ago, but it remains a useful
tool if you work with its limits rather than assuming that they do not
exist.
spf domain owner asked for hardfails, so why not score spf_fail as 100 ?
:)
on the other hans if spf domain owner asked for softfails it would not
still be 100
but i still suggest to report to dnswl, if not dnswl none listed
