We have had a couple NDRs over the last week or so based on Xtra's SPF policy.
We have an SPF record locked down to our mail servers IP address.
However, when we send an email to an address which is then redirected to an Xtra address we get an NDR - presumably because it is looking at the forwarding servers IP address rather than ours.
E.g. user@fakedomain.co.nz is forwarding to fakedomain@xtra.co.nz. If I send a message to user@fakedomain.co.nz it bounces back saying it was rejected by mx.xtra.co.nz based on SPF policy. Sending directly to fakedomain@xtra.co.nz is fine.
Mail forwarding of this nature is not uncommon, nor is having an SPF record. Surely this isn't expected behaviour by the Xtra servers?