Cisco Cisco Email Security Appliance C160 Mode D'Emploi

You can only use the 

spf-status

 message filter rule to check results against 

HELO, MAIL FROM, and PRA identities. You cannot use the 

spf-status

 content 

filter rule to check against identities.

You can receive any of the following verification results:

None - no verification can be performed due to the lack of information. 

Pass - the client is authorized to send mail with the given identity.

Neutral - the domain owner does not assert whether the client is authorized to 
use the given identity.

SoftFail - the domain owner believes the host is not authorized to use the 
given identity but is not willing to make a definitive statement. 

Fail - the client is not authorized to send mail with the given identity. 

TempError - a transient error occurred during verification.

PermError - a permanent error occurred during verification. 

The following example shows the 

spf-status

 message filter in use:

skip-spam-check-for-verified-senders:

     if (sendergroup == "TRUSTED" and spf-status == "Pass"){

         skip-spamcheck();

     }

quarantine-spf-failed-mail:

     if (spf-status("pra") == "Fail") {

         if (spf-status("mailfrom") == "Fail"){