Domain alias mail gets flagged as spam before alias is applied

[lifeboy]

In a quest to fix the issue described in #103 I have noticed this. This email was sent from a fully up to date P-MiaB server to another P-MiaB server. It should not be marked spam to begin with! However, it is, and it end up in the alias' spam folder, where it cannot be seen by a mail client because there is not logon for the alias.

/home/user-data/mail/mailboxes/giesler.za.net/roland/new# grep -R "Toets Poets" ../../../giesler.za.net/roland/ ../../../giesler.za.net/roland/.Spam/new/1670836842.M210201P4081268.box2,S=31134,W=31615:Subject: Toets Poets

How does one address this and prevent this from happening?

[lifeboy]

I have done another test, this time from a gmail account:

grep -R "Toets Poets" ../../../giesler.za.net/roland/
../../../giesler.za.net/roland/new/1670838432.M922098P4085393.box2,S=6288,W=6404:Subject: Toets Poets Boet!
Binary file ../../../giesler.za.net/roland/dovecot.index.cache matches
../../../giesler.za.net/roland/.Spam/new/1670836842.M210201P4081268.box2,S=31134,W=31615:Subject: Toets Poets
Binary file ../../../giesler.za.net/roland/.Spam/dovecot.index.cache matches

Also ends up in spam invisible to a GUI or mail client user

[lifeboy]

I have inspected the email headers of one of these spam messages:

X-Spam-Status: Yes, score=5.6 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,DMARC_PASS,HTML_IMAGE_ONLY_08,
        HTML_IMAGE_RATIO_02,HTML_MESSAGE,SPF_FAIL autolearn=no
        autolearn_force=no version=3.4.4
X-Spam-Report:
        * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
        *  5.0 SPF_FAIL SPF check failed
        * -0.1 DMARC_PASS DMARC check passed
        *  0.0 HTML_MESSAGE BODY: HTML included in message
        *  0.0 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image
        *       area
        *  1.8 HTML_IMAGE_ONLY_08 BODY: HTML: images with 400-800 bytes of
        *      words
        * -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
        *  0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
        *       valid
        * -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
        *      author's domain
X-Spam-Score: 5.6

It seems SPF is the problem. In the "Custom DNS" page however this line is found:

Strict [SPF](http://tools.ietf.org/html/rfc4408) and [DMARC](https://datatracker.ietf.org/doc/draft-kucherawy-dmarc-base/?include_text=1) records will be added to all custom domains unless you override them.

It seems this doesn't happen. However:

$ dig +short abellardss.co.za TXT
"v=spf1 mx -all"
$ dig +short gmail.com TXT
"v=spf1 redirect=_spf.google.com"
"globalsign-smime-dv=CDYX+XFHUw2wml6/Gb8+59BsH31KzUr6c1l2BPvqKX8="

So both mail originating servers have spf records and they seem correct.

$ dig +short abellardss.co.za MX
10 posboom.abellardss.co.za.
$ dig +short posboom.abellardss.co.za A
197.214.119.186

The originating mail domains have spf records, yet spamassassin still flags the spf as a problem. What is going wrong here?

[lifeboy]

Does anybody know what I can do here? This is now becoming a problem, since all mail seems to be flagged as spam before it reaches the destination mailbox.

[lifeboy]

When issue #103 was resolved, this one was also resolved.