iSAMS sends mail on behalf of customers using the customer domain. Many of these customers will have spf records that to not include iSAMS's mail servers but do include the "-all" phrase. This means that many receiving mail servers will mark this mail as likely to be spoofed.
iSAMS really should communicate to customers how to configure their spf and ideally DKIM records in a article and ideally with an email to notify more users. This could be done as a blanket mail or by doing a lookup against the customer dns, for example the CIPHR service checks customers config.
I understand most of the mail is routed via sendgrid, so it might be as simple as forwarding your customers to sendgrids documentation:
https://docs.sendgrid.com/ui/account-and-settings/spf-records
Here is an example post from a company showing how they communicated their switch to a new mail server and the best practice config:
https://customercare.ciphr.com/hc/en-gb/articles/17711389535633-New-email-service
