Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [spf]

Sender Policy Framework is a standard by which the owner of a domain uses a specially formed DNS record to advertise which hosts are authorized to send email for the domain.

Sender Policy Framework (SPF) is a technique to prevent e-mail sender address forgery. With SPF system administrators add information about allowed senders for particular domain in a DNS server's TXT and/or SPF record.

Please have a look at the canonical question What are SPF records and how do I configure them.

869 questions
0
votes
2 answers

Why does DMARC fail for forwarded emails from this particular domain when it passes for all other domains?

I run a virtual mail server that forwards emails to my domain to a Gmail address, and I use PostSRSd to rewrite the addresses. For example, if someone sends an email to john@mydomain.com, my mail server will rewrite the address (to something like…
John Doe
  • 323
  • 3
  • 16
0
votes
1 answer

Hotmail does not flag or remove phishing messages from email addresses on a domain with SPF enabled

The email address of the sender of our newsletter is used for phishing purposes. We do have a valid SPF record (ends with -all) and dmarc on our domain (confirmed by mxtoolbox.com : every checks are green/good). However, some hotmail.com and yahoo…
sglessard
  • 109
  • 3
0
votes
1 answer

Confused About Why SPF Needs My Email Apps Domain

FYI: we have a custom domain and we pay for Google Workspace to use that domain for our email/gmail. i have SPF, DKIM, & DMARC all setup, and a Google tek support person verified it was correct over a year ago. we use the Apple Mail app on our Macs…
SyberKnight
  • 111
  • 2
0
votes
1 answer

Mail proxy with SPF and DMARC without changing FROM headers

Here is my situation. We have internal network, with lots of 2nd level subdomains - foo.internal.domain.ltd as example. Those subdomains may or may not have public DNS records with Class A IPs. Then, we have a single subdomain, that acts as a proxy…
Georgi Yankov
  • 13
  • 2
0
votes
1 answer

SPF-record for domain vs. sub-domain

For historical reasons my e-mail address uses a subdomain: me@foo.example.com. My sending (and receiving) servers are completely different from those of the top-level example.com itself. Recently, the top-level domain added an SPF-record and now…
Mikhail T.
  • 2,338
  • 1
  • 24
  • 55
0
votes
0 answers

postfix configuration to prevent bounces when relaying to 3rd party (e.g. src -> my@work -> my@gmail)

i have an active mail relay that is using aliases as a main tool, at some point we started to get bounces for some emails. Source: somerandomsenderdomain.com Destination: myemaildomain.com mailinglist1: myuser@gmail.com,…
DrunkMice
  • 1
  • 2
0
votes
1 answer

Need to Add SPF Record

We had the warning about spf containing to many lookups. Deleted txt ourdomainname.com v=spf1 ip4:50.87.253.89 a mx include:websitewelcome.com ~all as we are no longer on bluehost which the ip references. Hosted on siteground but use cloudflare dns…
Kimberly
  • 1
  • 1
0
votes
2 answers

Root domain in SPF record instead of full hostname

Can i use root domain like google.com instead of _spf.google.com in SPF record?. My SPF record v=spf1 include:_spf.mx.cloudflare.net include:_spf.google.com include:mxsmtp.sendpulse.com +a +mx ~all Can i change it to v=spf1 include:cloudflare.net…
Stellan Coder
  • 99
  • 1
0
votes
2 answers

SPF record not getting recognized for mail server domain?

I'm currently attempting to setup a mail server on Debian. So far I've installed postfix and opendkim. I've also configured an FQDN, rDNS, DKIM, DMARC, and SPF, but the latter doesn't work somehow. An SPF record for mydomain.net gets recognized,…
St4rb0y
  • 59
  • 7
0
votes
2 answers

Mail Validation: SPF qualifier ?all

How do mail servers (i.e. MS Exchange) handle the ?all option at the end of an SPF record? I know from RFC 7208 that ? results in a neutral response. It means the SPF explicitly doesn't state whether an IP address is authorized or not. But what do…
EaZyCode
  • 1
0
votes
1 answer

Bind9 one spf record for all zones

I want to create one include with SPF IP address to be used from all dns zones in my server. Can you suggest me how to do it? I work on BIND9. Thank you.
Andrey Simeonov
  • 1
  • 1
0
votes
1 answer

How to proper dns zone config for selfhosted email server

Looking to harden the sending authentication of my email server, I am looking for some usefull hints on the topic. As I have in total 4 Vps Servers where emails will be send from, registration confirmation, password resets etc... aswell multiple…
KaliMucho
  • 1
  • 1
0
votes
1 answer

Are SPF records checked depth first or breadth first (or something else)

We have a domain which has 11 includes; so is failing SPF validation as it's gone over the limit. Most of the lookups are for third party resources, so flattenning the SPF record isn't ideal; we'd rather ensure that things are updated dynamically…
JohnLBevan
  • 1,214
  • 7
  • 22
  • 46
0
votes
0 answers

configure iis6 smtp server to send from a specific IP

We have a dedicated Windows 2016 server that hosts multiple websites. Each site uses the IIS6 SMTP server to send emails from the websites (enquiries, order confirmations, etc.) - each site has a unique IP address but messages sent from the server…
scim1971
  • 1
0
votes
0 answers

Do I need to setup this postfix as a "relay" ? To forward all my emails to my gmail

I am not sure what function I need in this situation, or how to configure it... I have many domains, with email accounts me@mydomain1, me@mydomain2, I set my domains to have my one mail server (which is a separated / dedicated domain) by MX record,…
adrianTNT
  • 1,077
  • 6
  • 22
  • 43
1 2 3
57 58