SPF is not 'authentication', its a separate framework for dealing with
Sender Policy, hence the name Sender Policy Framework ;-)
I log SPF results on my public mail relays from the 'acl_check_mail'
like this:
acl_check_mail:
#
# log the SPF result
#
warn spf = !none
logwrite = MAIL: SPF Result=$spf_result
($sender_address_domain / $sender_fullhost)
... you can adapt it to add headers instead.
Mike
On 06/04/2021 03:32, Victor Sudakov via Exim-users wrote:
> Dear Colleagues,
>
> I have the following configuration:
>
> acl_smtp_dkim = acl_check_dkim
> begin acl
> acl_check_dkim:
> accept add_header = :at_start:${authresults {$primary_hostname}}
>
> However I see only the iprev= and dkim= results in the resulting
> "Authentication-Results:" header. What and where should I add to also
> see the SPF results there?
>
> On another box elsewhere, I have an "spf = fail" check in
> acl_check_mail, but on this box, I don't want to block incoming mail on
> SPF failure, I just want the result of SPF validation to appear in the
> "Authentication-Results".
>
