SPF - Sender Policy Framework

BEJY uses SPF to validate email senders.
Since there are many domains without SPF record BEJY supports local SPF files to extend or override SPF information.

extendSpf.xml

The file extendSpf.xml is used if there is no SPF record. Add an SPF entry here, if there is a valid sender which is blocked by BEJY's guessPermission algorithm.
The extendSpf.xml looks like:

<spf>
  <domain name="adomain.de" value="v=spf1 a:%{p2l}.mail.%{p3} a:%{p1r}.mail.%{p3} mx -all" />
</spf>

If there is a blocked e-mail which you want to allow, search the smtp log file and enter an new domain entry in the spf file. The simplest entry is to allow the sending server which appears in the log file. I also recommend to always allow the mx entries (the receiving e-mail servers).

<spf>
  <domain name="adomain.de" value="v=spf1 a:%{p2l}.mail.%{p3} a:%{p1r}.mail.%{p3} mx -all" />
  <domain name="other.dom" value="v=spf1 a:sending.server.foo mx -all" />
</spf>

Note that the macro %{p2l} is not a standard SPF macro. "l" yield the segements from the left without reverting those.
If %{p} resolves to "a.b.c.d" then

a:%{p2r}.mail.%{p3} results into "b.a.mail.b.c.d"
a:%{p2l}.mail.%{p3} results into "a.b.mail.b.c.d"

overrideSpf.xml

The file overrideSpf.xml is used to replace SPF record, e.g. because the record is invalid or simply allows any server.
The syntax is identically to the extendSpf.xml

<spf>
  <domain name="totallybog.us" value="v=spf1 a:correct.one mx -all" />
</spf>

important to know

if you edit one of these files, BEJY detects the change and uses it instantly
maybe you should also e-mail a note to the DNS admin and tell him that the SPF entry is missing or wrong