Cisco Cisco Email Security Appliance C160 Mode D'Emploi

The 

spf-passed

 filter rule is only available in message filters.

You can use the 

spf-status

 rule when you want to address more granular results, and use the 

spf-passed

 rule when you want to create a simple Boolean.

If you use the 

spf-status

 filter rule, you can check against the SPF/SIDF verification results using the 

following syntax:

If you want a single condition to check against multiple status verdicts, you can use the following syntax:

You can also check the verification results against the HELO, MAIL FROM, and PRA identities using 
the following syntax:

You can only use the 

spf-status

 message filter rule to check results against HELO, MAIL FROM, and 

PRA identities. You cannot use the 

spf-status

 content filter rule to check against identities. The 

spf-status

 content filter checks only the PRA identity.

You can receive any of the following verification results:

None - no verification can be performed due to the lack of information. 

Pass - the client is authorized to send mail with the given identity.

Neutral - the domain owner does not assert whether the client is authorized to use the given identity.

SoftFail - the domain owner believes the host is not authorized to use the given identity but is not 
willing to make a definitive statement. 

Fail - the client is not authorized to send mail with the given identity. 

TempError - a transient error occurred during verification.

PermError - a permanent error occurred during verification. 

if (spf-status == "Pass")

if (spf-status == "PermError, TempError")

if (spf-status("pra") == "Fail")