SpamAssassin Rule: SPF_SOFTFAIL

Standard description: SPF: sender does not match SPF record (softfail)

Explanation

SPF (Sender Policy Framework) is an open standard specifying a technical method to prevent sender address forgery. The sender's domain is matched against a list of allowed mail relays for that domain. An SPF record states, for example, that mail from someone@example.com should have come via mail.example.com and not mail.badguys.info.

SPF checking often breaks when users have forwarded their email to another domain but the forwarding mechanism is not SPF-aware. Such a user would see SPF_FAIL tags on some of their incoming mail.

Soft Fail

A "SoftFail" result should be treated as somewhere between a "Fail" and a "Neutral". The domain believes the host is not authorized but is not willing to make that strong of a statement. Receiving software SHOULD NOT reject the message based solely on this result, but MAY subject the message to closer scrutiny than normal.

The domain owner wants to discourage the use of this host and thus desires limited feedback when a "SoftFail" result occurs. For example, the recipient's Mail User Agent (MUA) could highlight the "SoftFail" status, or the receiving MTA could give the sender a message using a technique called "greylisting" whereby the MTA can issue an SMTP reply code of 451 (4.3.0 DSN code) with a note the first time the message is received, but accept it the second time.

From RFC 4408
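
The relay check and the forwarding case described above, as an added example (not SpamAssassin's own code). It evaluates only the ip4, ip6 and all mechanisms, with no DNS lookups. The record and IP addresses are constructed, using documentation address ranges.

```python
import ipaddress

# Qualifier prefix -> SPF result name (RFC 4408 qualifiers).
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
# SPF result -> SpamAssassin rule that reports it.
SA_RULE = {"pass": "SPF_PASS", "fail": "SPF_FAIL",
           "softfail": "SPF_SOFTFAIL", "neutral": "SPF_NEUTRAL"}

# Constructed sample data: example.com lists one relay and ends in ~all.
RECORD = "v=spf1 ip4:192.0.2.10 ~all"
MAIL_EXAMPLE_IP = "192.0.2.10"   # stands in for mail.example.com
FORWARDER_IP = "198.51.100.25"   # forwarder that keeps the original sender


def evaluate_spf(record, client_ip):
    """Return the SPF result for the relay IP that delivered the message."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"                      # no SPF version 1 record
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        if "=" in term:
            continue                       # modifier (redirect=, exp=)
        qualifier = "+"                    # default when none is written
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        name = name.lower()
        if name == "all":                  # matches every sender
            return QUALIFIERS[qualifier]
        if name not in ("ip4", "ip6"):
            raise ValueError("mechanism not handled in this sketch: " + name)
        network = ipaddress.ip_network(value, strict=False)
        if ip.version == network.version and ip in network:
            return QUALIFIERS[qualifier]   # first matching mechanism wins
    return "neutral"                       # nothing matched


if __name__ == "__main__":
    for label, ip in (("direct", MAIL_EXAMPLE_IP), ("forwarded", FORWARDER_IP)):
        result = evaluate_spf(RECORD, ip)
        print(label, ip, result, SA_RULE[result])
```

The forwarded message is evaluated against the forwarder's address, which example.com never listed, so the `~all` term decides the result. With `-all` in the record the same message would produce a fail instead of a softfail.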

Further Info

The default scores for this rule can be found in the online list of tests.



Rules/SPF_SOFTFAIL (last edited 2012-04-27 18:27:04 by AndrewDaviel)