SPF rules overriding Trusted Sender

I have a client that's complaining that his emails from a certain company are going into his junk folder. This person's domain is in his trusted sender list.

It looks like the spf check is overriding the trusted sender, surely that shouldn't be the case?

Looking at the email header info its showing:

X-Identity: 77.246.24.115 | [No Reverse DNS] | thedomainthatssending.co.uk
X-SmarterMail-Spam: Reverse DNS Lookup [ReverseFailed]: 20, SPF [Fail]: 30, DK [None]: 0, DKIM [None]: 0, Declude: 37
X-SmarterMail-TotalSpamWeight: 87 (Trusted Sender - User, failed SPF)

I've had to disable the spf check for now on the server.

By the way the spf record was invalid but that has been changed, but its still obviously picking up the old one somehow, cached?

echoDreamz Replied

4/30/2021 at 1:27 PM

Yes, that should be the case. Imagine, you whitelist someone@paypal.com and some attacker emails you spoofing someone@paypal.com their SPF record says nope, this mail server isnt valid for paypal.com emails, if SM ignored that, the trusted sender would be "trusted" even though, the sender isnt really the trusted sender you believe they are.

SPF checks are critical to making sure the sender is indeed who they say they are (assuming they have SPF setup).

As for the caching, yes, DNS records are cached, but not by SmarterMail, by whatever DNS server you have setup in SmarterMail's settings.

YS Tech Replied

4/30/2021 at 3:41 PM

Thanks, I found another thread explaining this as well.

Understood.

2 Replies

Reply to Thread

Related Knowledge Base Articles

2 Replies

Reply to Thread

Tags

Related Knowledge Base Articles