Categories: General How-To :

How do I enable SPF checking?

Showing 1-3 of 3 messages
How do I enable SPF checking? Coban 7/16/12 7:51 AM
We already have Postini but every so often phishing mail gets look legitimate until you check the hyperlinks.
In plain English, where do I go or who can I contact to get SPF checking set up?
Will it block legitimate senders?  If so what can be done about that?
Re: How do I enable SPF checking? FrankM Forums-TC 7/16/12 8:55 AM
Re: How do I enable SPF checking? JMINATL 8/2/12 1:00 PM
You will likely run into an occasional sender that has problems with SPF.    They aren't common, and typically are 1-off type email senders in a DMZ that don't use the regular email system of the sending organization that was missed when setting up SPF records.

The way I've implemented SPF a number of times is to enable SPF for the EMAIL Config after whatever schedule/notification is needed, and then run a log search a few times daily for the following week (under Log Search, "more search criteria" / Disposition Filter: Sender Policy Framework) scanning over the blocks for what may be false positives and investigating.   It can get tedious for larger organizations, but keeps the tickets from coming in.

If you find a false positive, release the email then go to to Email Config/Inbound Servers/RPF/Add Domain and add an entry for that sending domain to "Bypass - Skip IP Lock Test" for Fail and Softfail for the problem domain.