The mail has been bounced by an intermediate MTA (not using SPF) because the
final MTA (using SPF) rejected it.
Now the question is if mail that fail the SPF test should be bounced or
discarded. For example if John Smith sends legitimate mail saying
"MAIL FROM:<john(_dot_)smith(_at_)smith(_dot_)com>" through another SMPT
server, then
obviously he should receive the bounced mail informing him that he did
something wrong. But if a spammer sends mail saying
"MAIL FROM:<john(_dot_)smith(_at_)smith(_dot_)com>", then the mail should be
discarded, not
bounced.
<
I'm of the opinion that mail should never be discarded except by the end-user
(or an agent of the end-user, like a spam filter).
The real lesson is that if your MTAs prevent delivery based on SPF, then MTAs
should reject (not store and bounce), and (most importantly) that your relays
should always be equally or less permissive than your destination MX.
If these two rules are followed, then this bounce problem isn't.
Michael R. Brumm