cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
897
Views
5
Helpful
1
Replies

SPF verification

ccna_security
Level 3
Level 3

 

Dear all

 

We configured SPF verification and added dns record (v=spf1 mx ip4:x.x.x.x -all). When I send spoofed email on behalf of @mycompany.com from 3rd party service to my personal @mail.ru email address, that email reaches successfully. Don’t you thing that it should be dropped?

1 Reply 1

ppreenja
Cisco Employee
Cisco Employee
Hi Ccns90,

I understand that you have configured SPF records for your company in the DNS and when you send spoofed email on behalf of your company that email is not getting blocked and reaches the other domains.

Since you have configured SPF records in DNS that means you have done your part correct and nothing is to be done more from your end.

Now, the other destination end is receiving the spoofed emails, so they have to make policies and filters in their environment based on the SPF verdicts they get.

So for example, if you have configured hard fail in the spf verdict then the destination end will definitely be getting the "hard fail" error (if they have enabled SPF verification), however, what do they do with that error is their responsibility i.e. they need to setup some action by creating a filter for the SPF verdict of "hard fail".

Hence, if the email is passing then destination end need to make the changes.

I hope that explains.

Cheers,
Pratham
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: