I've been able to make SPF pass on all the sent emails from my Postfix server. But for forwarded domains which simply redirect email to my gmail id I see softfail in the SPF.
For example if I send email from a hotmail account to contactus@workingwoman.org then it is forwarded to test email id ragraggupta8899@gmail.com.
I've added SPF header "spf1 a mx -all" for my hostname(host.tariffplans.com) as well for all domains. The A record of all domains/subdomains is correctly pointing to my server IP : 23.239.30.81
But in the forwarded email header .. Google shows it as softfail. What could be the problem?:
Delivered-To: rag.raggupta8899@gmail.com Received: by 10.114.96.70 with SMTP id dq6csp51447ldb; Sat, 19 Jul 2014 23:05:03 -0700 (PDT) X-Received: by 10.182.65.66 with SMTP id v2mr22896624obs.74.1405836302184; Sat, 19 Jul 2014 23:05:02 -0700 (PDT) Return-Path: Received: from host.tariffplans.com (tariffplans.com. [23.239.30.81]) by mx.google.com with ESMTPS id js4si25593503obc.98.2014.07.19.23.05.01 for (version=TLSv1.1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sat, 19 Jul 2014 23:05:02 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning bhasker@hotmail.com does not designate 23.239.30.81 as permitted sender) client-ip=23.239.30.81; Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning bhasker@hotmail.com does not designate 23.239.30.81 as permitted sender) smtp.mail=bhasker@hotmail.com Received: from BLU004-OMC4S20.hotmail.com (blu004-omc4s20.hotmail.com [65.55.111.159]) (using TLSv1.2 with cipher AES128-SHA256 (128/128 bits)) (No client certificate requested) by host.tariffplans.com (Postfix) with ESMTPS id 668E01E1619 for ; Sun, 20 Jul 2014 11:35:01 +0530 (IST) Received: from BLU181-W79 ([65.55.111.136]) by BLU004-OMC4S20.hotmail.com with Microsoft SMTPSVC(7.5.7601.22712); Sat, 19 Jul 2014 23:05:01 -0700 X-TMN: [mcaEHqstvkaYJBg7Y5zPleq+hEPF4BC7] X-Originating-Email: [bhasker@hotmail.com] Message-ID: Content-Type: multipart/alternative; boundary="_dfcd1b0c-5d39-4204-a29c-16fb51556946_" From: Bhasker Yamsani To: "contactus@workingwoman.org" Subject: testing Date: Sun, 20 Jul 2014 02:05:00 -0400 Importance: Normal MIME-Version: 1.0 X-OriginalArrivalTime: 20 Jul 2014 06:05:01.0018 (UTC) FILETIME=[8A96E3A0:01CFA3E0]
Best Answer
Your server
host.tariffplansindia.com
is receiving a mail from outside, in this casebhasker1@hotmail.com
. The receiver on your host iscontactus@indianworkingwoman.org
. Now your server relays that mail (without changing the envelope From-address) to gmail. The gmail server now gets a mail from your serverhost.tariffplansindia.com
with envelope-Frombhasker1@hotmail.com
. Now the SPF-Record ofhotmail.com
forbids all senders except its own, and you can't do anything about that. SPF breaks this kind of mail-forwarding, that's a known issue, but it's also solved by Sender Rewriting Scheme (SRS) from Open SPF.Using SRS, the relaying mailserver can rewrite the envelope-From so that it comes from a domain you control the SPF record for (
host.tariffplansindia.com
). Unfortunately, setting up SRS on a mailserver requires - in most cases - compiling and installing software by hand, there is only a very limited variety of available implementations and also an existing question of how to perform SRS on postfix.