SPF fail question

[Tim Hall]

I didn't get an email from a customer last week. I didn't get one from him today either, as it had fallen into our spam trap thing.  The headers of the blocked email include the lines:

Received-SPF: Fail ($Server.my.work: domain of $Sender@customer.com does not designate 194.1.166.183 as permitted sender)
receiver=$Server.my.work; client-ip=194.1.166.183

Does that mean the problem is at customer.com or at my end? Is client-ip my end or client at customer.com?

[Kim]

Problem lies with customer.com, or at least with Customer's mail client configuration.

customer.com has a list in DNS of where emails purporting to be from customer.com are supposed to come from (this is called SPF).  $server.my.work goes and looks at this as a means of identifying potential spam.  The mail came to $server.my.work from 194.1.166.183, which appears not to be in the customer.com SPF record.

So either customer.com need to update their SFP record to reflect the SMTP server they're actually using, or Customer has tried to be clever and configured their mail client to relay via some random convenient SMTP server (eg. perhaps they're sending emails via gmail or their home ISP) that isn't in the list.

[Tim Hall]

Brilliant, thanks. I shall try to edjumicate him.