checking host upstream of secondary mx

Hi all,

I use a commercial secondary MX service (dnsmadeeasy.com) for those times my small network might not be available.

For messages relayed though that service, what I'd like to happen is the SPF check be applied to the host *before* that in the delivery chain. That is,
- an email coming from google finds my primary MX is down, so delivers to my secondary MX;
- eventually the message is delivered from my secondary MX to my primary.
- In my primary I test SPF of the google server that sent the mail to me.

Per the man page and a couple of web mentions, I tried the Whitelist configuration parameter, giving all IP addresses for my secondary service. All that happens for such relayed messages is SPF checking seems to be wholly disabled. a snip from mail header is at end of this message.

Is there any configuration option that allows the check to step back through the delivery chain to the first untrusted service and check that one?

Or is what I'm trying to do a bad idea altogether? :)

thanks in advance

glen

<snip>
X-Comment: SPF skipped for whitelisted relay - client-ip=208.80.120.11; helo=mx1.dnsmadeeasy.com; <email address hidden>; <email address hidden>
Authentication-Results: mx.examplehost.com;
    dkim=pass (2048-bit key) header.d=gmail.com <email address hidden> header.b=SWyqTL9W;
    dkim-atps=neutral
Received: from mx1.dnsmadeeasy.com (mx1.dnsmadeeasy.com [208.80.120.11])
    by mx.examplehost.com (Postfix) with ESMTP id B288B4E096
    for <email address hidden>; Sat, 25 Jun 2016 12:02:09 -0700 (PDT)
Received: from mail-it0-f42.google.com (mail-it0-f42.google.com [209.85.214.42])
    by mx1.dnsmadeeasy.com (Postfix) with ESMTP id 846322B832BD
    for <email address hidden>; Sat, 25 Jun 2016 18:50:13 +0000 (UTC)
</snip>