On 7/15/2015 4:04 PM, Kevin A. McGrail wrote:
Why is it looking for an SPF record for rrdesp.com? That is the
sending server, shouldn't it be using the domain from the From or
Envelope-From instead? This SPF check looks backwards to me. Am I
missing something?
No, you are on the right path. SPF checks the envelope not the From:
Header. Without something like DKIM, the whitelist_auth likely isn't
applicable for your situation.
staplesbilling.com actually uses DKIM, but it always comes up as invalid
by the time SA sees it, so that isn't particularly useful. I managed to
get my MTA to add a Received-SPF header, but SA ignores it - presumably
because the MTA puts it at the bottom of the headers rather than inline
with the Received headers.
Why doesn't SA check SPF for the From header? Isn't the whole point of
SPF to be able to link the From address to a list of servers allowed to
send mail from that address?
--
Bowie
