10-09-2019 10:22 PM
Hi,
we configured a filter for the antispoofing of emails so that not to receive emails externally from our domain unless we allow explicitly the intended email to send emails from outside. The point is here we have an application that is hosted in cloud and we are allowing vendors application to communicate through specific email of our domain, now the vendor asked to add his public IP address into our SPF even though we are doing the spf record check for our inbound emails.
What is the risk of adding him into the spf record apart from bypassing the spf record check from our side.
Thanks for your help and support.
Solved! Go to Solution.
10-10-2019 06:04 PM
Hey Amahmud01,
If you add their public IP that they use to send emails into your SPF record, you'll be giving them a free run to send under your domain to any other mail servers globally.
This could inadvertently make other mail servers not trust your domain as an IP is sending not so legitimate emails (if this does come down to it) where they're using SPF as an indicator.
Also them passing SPF might also allow them to pass DMARC which could be a worry to your domains standing.
Regards,
Mathew
10-10-2019 06:04 PM
Hey Amahmud01,
If you add their public IP that they use to send emails into your SPF record, you'll be giving them a free run to send under your domain to any other mail servers globally.
This could inadvertently make other mail servers not trust your domain as an IP is sending not so legitimate emails (if this does come down to it) where they're using SPF as an indicator.
Also them passing SPF might also allow them to pass DMARC which could be a worry to your domains standing.
Regards,
Mathew
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide