Many mail hosts will block or delay messages that fail an SPF check. When using our service, all your mail should come from our servers. Your mail host will check the SPF record for the message sender and see that our servers are not included in the SPF authorized server list for the sender. So your mail host will think the SPF for the message failed even if the SPF passed when we received it from the original sending server.
We suggest turning off SPF checks on inbound mail for your mail host. But if you can't turn it off for whatever reason, we can modify the message header to say that the message is coming from us and your mail host will see we are authorized to send mail on our own behalf, so it will pass the SPF check. It's a bit of a tricky workaround, but with email being old and rather slow to keep up with today's security standards, we have to help it along as much as we can.
In short, while it's enabled from the Settings > Filtering policies page, it's not filter, but rather a way to trick your mail host into not doing SPF checks if you can't turn it SPF filtering on your mail host.
Regardless of whether you enable this option, our service will handle all sender authentication checks during the filtering process.