From this maillist the x-spam-status is:
No, score=-11.1 required=4.8 tests=BAYES_00,RCVD_IN_DNSWL_HI,
RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_SAFE,RDNS_NONE,SPF_PASS
autolearn=unavailable version=3.3.1
Hehe, this is another server which is on Spamassassin 3.1.1, seems it
is using SPF on this box. So far all mail from the list has come via
this server as its the preferred MX server for this domain.
Ok, so I just did a search on the last 1000 messages to be delivered
via the server we started looking at, and there are many instances
where the x-spam-status has some SPF values; ie SPF_PASS,
SPF_HELO_FAIL etc
So I think that proves it is using SPF doesnt it? If you´d agree then
my next question is why did it delivery mail with a spoofed email
address of a domain that it is hosted on our mail server? Im using
exim and Im looking at an example of this type of spam and its got
both the return address and from fields showing an email address from
a domain hosted on our mail server :S Thats not what SPF is meant to
do surely?
Yep I got the Mail::SPF module installed.
Quoting Benny Pedersen <m...@junc.org>: