let say my domain @test.com. I've tried telnet to my server ( let say 192.168.7.10:25 )  from 192.168.7.20
helo mail.test.com
mail from: <>
rcpt to: abc@test.com
data
subject: try to spoof my email
from: abc@test.com
test
.

quit

spamassassin  only score this mail 5.018.   
please help

I've already set spf that resolve domain @test.com  to 192.168.7.10

ok i've tried this

helo mail.test.com
mail from: test@hotmail.com
rcpt to: abc@test.com
data
subject: try to spoof hotmail
test
quit

X-Spam-Flag: NO
X-Spam-Score: 5.219

$sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.2;  # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.9;  # triggers spam evasive actions (e.g. blocks mail)
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
$sa_crediblefrom_dsn_cutoff_level = 18; # likewise, but for a likely valid From
# $sa_quarantine_cutoff_level = 25; # spam level beyond which quarantine is off
$penpals_bonus_score = 8;    # (no effect without a @storage_sql_dsn database)
$penpals_threshold_high = $sa_kill_level_deflt;  # don't waste time on hi spam
$bounce_killer_score = 100;  # spam score points to add for joe-jobbed bounces

$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0;    # only tests which do not require internet access?

I try to solve spoof email. I can spoof hotmail.com with my ip.

ok,
1. I'm on my server 200.151.21.247
2. My Iredmail server is on another ip, let say, 200.151.21.248 (hostname: mail.test.com) . There are domain @test.com on that server. I've tried sendmail by telnet to that iredmail server as below:
$ telnet 200.151.21.248 25
helo mail.test.com
mail from: fake@hotmail.com
rcpt to: abc@test.com
data
subject: try to spoof hotmail
test
quit

3. abc@test.com got that fake email

the question is:
1. Why can I spoof hotmail.com. spf of hotmail.com is sure not on 200.151.21.247, right?
2. How can I prevent this situation?