Any way to turn off SPF for a specific domain?

[HostaHost]

I'm running with SPF on and set to reject when SPF resolves to fail. Is there any way to override this behavior for specific domains? My specific problem is with intuit.com; they like to deliver emails from servers not listed in their -all spf record so those messages end up rejected. The IP's are always changing so whitelisting by IP or network will not help the problem; I need to have a way to either set the server to not check SPF for intuit.com, or have some kind of override to make it always pass.

 

[IgorG]

I think that it is impossible because it is common handler. But you can try to add following Local Rule: v=spf1 +mx +a:<domain.name> -all

 

[HostaHost]

Is there any documentation on how the Plesk SPF testing works when Postfix is the MTA? I assume what happens is email comes in, Postfix is set to call Milter, Milter then does something and this is where I have no idea what's next. I *think* milter might have some relation to /usr/local/psa/handlers/hooks/spf but that's a binary so I don't know when it's called or what it does. I've also found /usr/bin/spfquery_static which lets me test things; I'm not sure if that's just for testing or is involved in the process and if it can be influenced in any way manually.

My only other idea, which I'd rather not do, is to create my own subdomain on a domain I control and add an SPF to it that lists all of the intuit.com sending address ranges that are not included in their standard SPF record, then add "include:subdomain.domain.com" to the server's SPF settings. The downside to that is it would be doing an additional DNS lookup for every incoming email just to fix intuit's problem.

 

[IgorG]

Have you seen this article http://kb.parallels.com/118694 ?
Especially pay your attention on mail_handlers_control utility.