My PMG does not receive incoming mail directly. It gets the mail from another MX that does relay all mail to the PMG. This other MX does the SPF check on all incoming mail.
This check does PASS:
There is only that one "Received-SPF:" entry in the entire header.
The SPF check on the PMG is disabled.
But spamassassin's SPF check does fail. It does ignore the Received-SPF header and does the SPF lookup itself with the IP of the receiving internal relay and fails.
From the spamassassin docs:
ignore_received_spf_header is NOT set to 1
This check does PASS:
Code:
Received-SPF: pass (posteo.de: 185.67.36.65 is authorized to use 'XXXX@posteo.de' in 'mfrom' identity (mechanism 'ip4:185.67.36.0/23' matched)) receiver=mx.mydomain.tld; identity=mailfrom; envelope-from="XXXX@posteo.de"; helo=mout01.posteo.de; client-ip=185.67.36.65There is only that one "Received-SPF:" entry in the entire header.
The SPF check on the PMG is disabled.
But spamassassin's SPF check does fail. It does ignore the Received-SPF header and does the SPF lookup itself with the IP of the receiving internal relay and fails.
Code:
SPF_SOFTFAIL 0.972 SPF: sender does not match SPF record (softfail)From the spamassassin docs:
ignore_received_spf_header is NOT set to 1