Microsoft’s outlook mail service, servers, starting with *.protection.outlook.com apparently added some servers without adding an SPF record for them.
This revealed a problem with our spf client. It is supposed to not reject but only flag the incoming mail and then it should go to your spam box. Unfortunately even though it was configured not to it is rejecting mail.
I have temporarily disabled SPF checking to allow outlook mail used by many large corporations to get through.
I have contacted Microsoft’s tech contacts to make them aware of their missing SPF record for some of their new servers.
And investigating why our SPF client is rejecting mail when it is not configured to do so, it appears the format of the configuration files has changed substantially since we installed it and it did not update the configuration file when updates updated the software.
The new software has added some additional capabilities not present in the old hence the need for new configuration.
I am uninstalling all the spf related software and re-installing to correct these issues. In the meantime we will still advertise SPF records for outgoing mail but incoming mail is not being checked so be very careful if you receive any mails asking you for authentication as they are more likely than not forged. Do not give banking info or login credentials to ANY e-mail asking, do not follow web links in e-mail.
I will send additional notice when new software is operational.