cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
111
Views
5
Helpful
1
Replies
Highlighted
Beginner

SPF verification

 

Dear all

 

We configured SPF verification and added dns record (v=spf1 mx ip4:x.x.x.x -all). When I send spoofed email on behalf of @mycompany.com from 3rd party service to my personal @mail.ru email address, that email reaches successfully. Don’t you thing that it should be dropped?

1 REPLY 1
Cisco Employee

Re: SPF verification

Hi Ccns90,

I understand that you have configured SPF records for your company in the DNS and when you send spoofed email on behalf of your company that email is not getting blocked and reaches the other domains.

Since you have configured SPF records in DNS that means you have done your part correct and nothing is to be done more from your end.

Now, the other destination end is receiving the spoofed emails, so they have to make policies and filters in their environment based on the SPF verdicts they get.

So for example, if you have configured hard fail in the spf verdict then the destination end will definitely be getting the "hard fail" error (if they have enabled SPF verification), however, what do they do with that error is their responsibility i.e. they need to setup some action by creating a filter for the SPF verdict of "hard fail".

Hence, if the email is passing then destination end need to make the changes.

I hope that explains.

Cheers,
Pratham