Hello All, Although I've been a member of this list for a while, I'm still very much a n00b when it comes to SpamAssassin. So please keep that in mind when you read my message (don't hurt me!)... :-)
Someone out there has decided to spoof our domain and send us spam. My first thought was that SPF checks were not working, but in analyzing the headers of a message one of our users received SPF_FAIL is triggering, but the weight is very low. My first thought is to increase the weight of SPF_FAIL, but I'm not sure what unintended consequences this may create? If increasing the weight of SPF_FAIL is not a good course of action, what do the mighty members of this list suggest? Here are the headers as an example: http://pastebin.com/bnU0npLR This particular email has a macro-enabled Word document attached, but I don't want to assume this will be the case every time. Any tips/tricks/suggestions would be greatly appreciated!