SPF rules overriding Trusted Sender
Problem reported by YS Tech - 4/30/2021 at 6:08 AM
Not A Problem
I have a client that's complaining that his emails from a certain company are going into his junk folder. This person's domain is in his trusted sender list.
It looks like the spf check is overriding the trusted sender, surely that shouldn't be the case?

Looking at the email header info its showing:

X-Identity: | [No Reverse DNS] | thedomainthatssending.co.uk
X-SmarterMail-Spam: Reverse DNS Lookup [ReverseFailed]: 20, SPF [Fail]: 30, DK [None]: 0, DKIM [None]: 0, Declude: 37
X-SmarterMail-TotalSpamWeight: 87 (Trusted Sender - User, failed SPF)
I've had to disable the spf check for now on the server.
By the way the spf record was invalid but that has been changed, but its still obviously picking up the old one somehow, cached?

2 Replies

Reply to Thread
echoDreamz Replied
Yes, that should be the case. Imagine, you whitelist someone@paypal.com and some attacker emails you spoofing someone@paypal.com their SPF record says nope, this mail server isnt valid for paypal.com emails, if SM ignored that, the trusted sender would be "trusted" even though, the sender isnt really the trusted sender you believe they are.

SPF checks are critical to making sure the sender is indeed who they say they are (assuming they have SPF setup).

As for the caching, yes, DNS records are cached, but not by SmarterMail, by whatever DNS server you have setup in SmarterMail's settings.
YS Tech Replied
Thanks, I found another thread explaining this as well.

Reply to Thread