|
== Common mistakes when using an SPF record
| | == Common mistakes when checking incoming mail for SPF compliance
|
|
* [[#border-only|Process SPF policies at the right place]]
| | * [[#border-only|Process SPF policies at the right place]]
|
| | * [[#whitelist|Checking SPF On Forwarded Mail]]
|
* [[#best-guess|Guessing is OK, provided that...]]
| | * [[#best-guess|Guessing is OK, provided that...]]
|
|
* (for SPF: ) the sending host is your MX server, not the original contacting server
| | * (for SPF: ) the sending host is your MX server, not the original contacting server
|
| | ===[[##whitelist]]Checking SPF On Forwarded Mail
Mail forwarding is set up by the receiver and so for forwarded mail, the border mail server (at which SPF should be checked) is the forwarder's mail server. If you check SPF on your mail server it is coming from your forwarder and not from a mail server authorized by the sending domain. Technically this is similar to checking SPF against mail relayed from your secondary MX like discussed in the previous item. Authorized forwarders should be whitelisted against SPF checks to avoid this problem.
|
===[[##best-guess]]Enabling a "best guess" mode
| | ===[[##best-guess]]Enabling a "best guess" mode
|
