We have recently received reports of messages being intermittently rejected due to SPF failure. We are running the latest build of smartermail 12.x
Our server is configured to block SMTP connections that fail SPF checks.
We have checked the source IP against their SPF record using this site
and the SPF record passes.
Most of these appear to be coming from *.outbound.protection.outlook.com
In order to rule out the local DNS server as the culprit, we set smartermail to use a DNS server on the same LAN instead of the local DNS server. No change in behaviour.
Is anyone else seeing this issue? At this point, I believe our only recourse is to disable blocking SMTP connections that fail SPF, but that seems like it would just allow more junk mail to be filtered. I'd much rather block SPF failures, but these seem to be legitimate.