Messaging Gateway

 View Only
  • 1.  Request for feature - SPF whitelist

    Posted Jun 03, 2016 02:41 PM

    Hi all.  I was directed to this forum by Symantec support after opening a ticket with them.  After researching it, we turned on SPF on our Brightmail 10.6, and we were surprised by how many local government entities have gone to Office 365 and have misconfigured SPF.  The most common scenario we're seeing is that they go to Office 365, and the outlook.com servers are added to their SPF records, but some emails are still being sent by their local servers, which are omitted from their SPF records.  As a result, I contacted Symantec and asked how to add them to an SPF whitelist, where they can bypass SPF checks for known good senders.  That feature does not exist, though the opposite one does: you can specify a blacklist of domains that require SPF checks.  The rep was sympathetic and recommended that I request this feature here.

    Has anyone else been running into this?

    TIA,

    Brian



  • 2.  RE: Request for feature - SPF whitelist

    Posted Jun 06, 2016 01:43 AM

    Hi,

    Sure ;-)

    What you can do is

    1. Actions for Sender Authentication - Deliver message normally

    2. Content rules - Add content rules for soft- and hardfails incl exeptions

    Eg exception for a certain IP (xxx.xxx.xxx.xxx representing one server ip)

    If text in Message header "Authentication-Results" matches exactly "symauth.service.identifier; spf=softfail"

    AND If text in Message header "Received" does not match regular expression ".+xxx\.xxx\.xxx\.xxx.+"

    and add a action like mark, prepend subject, delete, etc

     

    Hope it helps

    Regards

    Thomas