I wouldn't use that myself, it removes a lot of options for allowing 
messages through from domains without spf, at least most domains have 
spf entries now so it's not fatal, but you may still bounce some valid 
messages.

To find why the message in question was permitted examine the user level 
spam log which should give the reason (I Hope).

     ChrisP.



On 23/07/2016 5:43 a.m., Paul M. Beck wrote:
> Hmmm…
>
> Is  “Blocked” relatively new, I don’t remember having that option when I set it (years ago)
>
> Thanks for the info changes made on all servers!
>
> Paul
>> On Jul 22, 2016, at 12:38 PM, Ed HIDDEN@ent.net> wrote:
>>
>> I prefer g_spf_mode "block".  Too much other stuff goes on when you use strict like guessing if the ip is "close enough".  Block means if it doesn't match it's blocked.  And that works 100% for us.
>>
>> --Ed
>>
>> On 07/22/2016 01:19 PM, Paul M. Beck wrote:
>>> SurgeMail Version 7.1f-46, Built Apr 18 2016 22:14:07, Platform OSX_intel (Surgeweb Enabled)
>>>
>>> g_spf_mode = Strict
>>>
>>> nothing to allow bypass that I can find.
>>>
>>>
>>> Why/How did the server let this through?
>>>
>>> Received-SPF: fail (Last token {-all} (res=FAIL)) client-ip=193.111.173.72; envelope-from=<gsxHIDDEN@cations@apple.com>; x-ip-name=mailgw1.minjust.gov.ua;
>>>
> SNIP
>>> X-MyRbl: Color=Yellow Age=0 Spam=0 Notspam=0 Stars=0 Good=0 Friend=2 Surbl=0 Catch=0 r=0 ip=193.111.173.72
>>> X-IP-stats: Incoming Last 0, First 0, in=1, out=0, spam=0 ip=193.111.173.72
>>>
>>>
>>>
>>>
>> -- 
>> -----------------------------------------------------------
>> EAS Enterprises LLC
>> World Class Web and Email Hosting Solutions
>> IPv6 ready today for your needs of tomorrow!
>> Ask us about dual-stacking your site
>> www.easent.net
>>
>