I'm thinking of adding an SPF to a domain. So I'm concerned if there are circumstances under which my MTA would use some relay when sending mail. Like, when the destination servers are too busy or something? I'm mainly interested in postfix
's or exim
's default settings.
No, if you don’t configure any relay (and don’t fiddle around on the network layer) , an MTA will try to deliver to whatever DNS says should get the mail.
No. Your server will attempt to send email to the server whose host is described by the MX record(s) for the destination domain.
Of course there is. If you send mail from an address
[email protected]
and the recipient is[email protected]
you don't know whether it will relay that mail. You will often see the situation that the mail lands finally in[email protected]
and you will get a report from google.com who report a quarantined message because of SPF failure.This is why you always need DMARC and DKIM, and SPF is your backup mechanism for (rare) cases when DKIM fails on you. A good description is in chapter 1 and 2 of RFC 7489 (DMARC).