Even if a user or domain is on your trusted senders list, SmarterMail will still do some basic checks to ensure the sender is actually the sender. While some email systems allow trusted senders to be delivered to a user's Inbox without any validation checks, that can lead to major issues. As it is, anyone can write any return path that they want when sending a message. Spammers know this and can exploit mail servers that have implicit trust and flood users with hundreds and hundreds of messages that aren't truly from a "trusted" sender. This jeopardizes the security of that mail server.
Therefore, SmarterMail will always run SPF and DKIM checks to guarantee the return path of an email. Using SPF and DKIM checks, even on trusted senders, allows SmarterMail to reverse the domain and IP address that sends a message to make sure they match. If they do not, there is a very good chance that someone is impersonating the sender, which invalidates the trusted status. Even if the message isn't actually spoofed, that sender's domain has SPF and/or DKIM mis-configured. Services like Gmail, Office 365, Yahoo and others, are beginning to enforce strict implementations of security measures such as SPF, DKIM and even DMARC. So sending domains with incorrect set ups in any of these areas will see more and more issues when sending messages. Administrators need to be aware of this and ensure that their servers and domains are set up properly to avoid any delays in sending mail.