像neutral一样,根据您在邮件服务器上面的 DMARC 设置情况,SPF softfail可以在 DMARC 中被解释为 pass 或者 fail。在 OpenDMARC 中,SPF softfail缺省被 DMARC 解释成 fail。 SPF fail 解释 SPF fail,也被称为 SPF hardfail,显式地宣称连接主机不被允许使用该域名来发送邮件。这可以通过在 SPF 记录的末尾添加 -...
none:Unable to resolve domain nameor find SPF record in the domain neutral: The domain does not explicitly state that the IP address is authorized fail (hard fail): The client is not allowed to use the domain fail (soft fail): The host is probably not authorized ...
This record indicates that only Google Workspace is authorized to send mail on our behalf (include:_spf.google.com), while any message sent from other mail servers will "Soft Fail" the SPF check. Of course, you could also use "Hard Fail" by using "-all" so messages sent from ...
+Pass(+all) – An email sent with a server/IP address that doesn’t match with the SPF record, will get a pass anyway. –Hard Fail(-all) – An email sent with a server/IP address that doesn’t match with the SPF record, will not pass SPF authentication. ~Soft Fail(~all) an em...
I think one of the reasons this is hard to satisfactorily answer, is because your core argument seems to be based on a theoretical ideal situation, not on the real world. In principle, is DKIM not enough? Yes, sure, if your DKIM always works and no mail server ever rewrites your ...