Spamassasin not catching spoof emails - despite SPF failure


Our Webmin / Virtualmin installations Spamassasin module is not catching any spoof emails. It is not even scoring them with an SPF failure despite my attempts to up the score for the SPF failure.

I have installed the SPF perl module as originally we had the issue where the module was not installed so now Spamassasin can use it, if i run it from the command line here some lines confirming its doing SPF checks:

May 23 13:52:19.592 [19469] dbg: spf: checking to see if the message has a Received-SPF header that we can use May 23 13:52:19.633 [19469] dbg: spf: using Mail::SPF for SPF checks May 23 13:52:19.633 [19469] dbg: spf: checking HELO (helo=xxxx, ip=xxxx) May 23 13:52:19.634 [19469] dbg: dns: providing a callback for id: 40225/xxxx/SPF/IN May 23 13:52:19.637 [19469] dbg: dns: providing a callback for id: 18076/xxxxx/TXT/IN May 23 13:52:19.639 [19469] dbg: spf: query for /xxxxx: result: none, comment: , text: No applicable sender policy available May 23 13:52:19.641 [19469] dbg: dkim: author xxxxx, not in any dkim whitelist May 23 13:52:19.642 [19469] dbg: spf: already checked for Received-SPF headers, proceeding with DNS based checks May 23 13:52:19.642 [19469] dbg: spf: checking EnvelopeFrom (helo=xxxxx, envfrom=xxxx@xxxx)

My file has the following:

required_hits 5 report_safe 0 rewrite_header subject [SPAM]

required_score 4
report_header 1
fold_headers 1
detailed_phrase_score 1
use_bayes 1
dns_available yes
score SPF_FAIL 8
score SPF_SOFTFAIL 6 *
score RDNS_NONE 5

Now when i spoof a mail the headers at the receiving address have the following:

X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on xxxxx X-Spam-Level: X-Spam-Status: No, score=0.8 required=4.0 tests=HTML_IMAGE_RATIO_02, HTML_MESSAGE,TVD_SPACE_RATIO,URIBL_BLOCKED autolearn=no version=3.3.1

How can i be explicitly telling Spamassasin to increase score for SPF failures and not see anything in the receiving email?

The system is Centos 6 and i am running as spamassasin as opposed to spamc / spamd

Any help is hugely appreciated