I may be sorry I brought this up. There's nothing wrong with your TXT record. This server acts as a virus/spam processor for mail relayed from a legacy server (for historical reasons). It filters with MailScanner/SpamAssassin. Looking through the SpamAssassin debug code, it checks my relay as the 'Envelope-from' and fails on -all. Although the information is there, the SpamAssassin plugin isn't sophisticated enough to trace it back to the originating server.
And, yes - it assigns a minor score (default 0.69) for SPF_FAIL and I don't lose any digests as Bayes just overwhelms it.
As long as your unqualified domain name has an A record and a matching PTR record SPF should work just fine (as long as there aren't any relays in-between).
Sorry for any inconvenience. Thanks for your excellent project.
On Wed, 28 Nov 2007 17:28:32 +0200, Timo Sirainen wrote
On Wed, 2007-11-28 at 11:17 -0400, Jim Flowers wrote:
Your spf record is broken:
dovecot.org. 39942 IN TXT "v=spf1 a -all"
Care to tell also why? dovecot.org's mails are sent from the same IP as its A record.
-- Jim Flowers jflowers@ezo.net