I have this checkbox enabled for one of my domains and have sent myself gmail spoofed email on purpose to generate an SPF error, but the spam filter just passes it through. The email track and trace report shows it passing all anti-spam tests. Here is part of the header:
Authentication-Results: mx.messagelabs.com; spf=softfail (server-2.tower-343.messagelabs.com: transitioning domain of gmail.com does not designate 216.*.*.* as permitted sender)
The setting is set at “Use SPF in Dashboard > Services > Email Services > Anti-Spam” and I am requesting it append to the subject line.
One source I consulted says that the anti-spam detection setting for SPF only flags hard failures, not “softfails”.
Any help appreciated.