Benny Pedersen wrote:
> On Mon, April 14, 2008 00:45, Moritz Borgmann wrote:
>> Now, this setup entails the well-known problem that if publishes an
>> SPF record, SpamAssassin (3.2.4) spanks the message with SPF_FAIL since it
>> checks the first *external* relay (, not the first untrusted relay
>> against's SPF policy. There's a comment about this in Plugins/'s
>> _get_relay():

> 2 ways of solving it:
> 1: make all forwarded ips as trusted

and that solves the problem? OP explictely said this does not and cited
a comment in

> 2: add forwarders to the spf as A:

this requires the root password to connect to other people domains. if
you have a url for that, let's fix all the broken sites now.
> 3: dont use forwards :-)

disabling spf rules is more reasonable.