An email has failed delivery and the reason provided in Track and Trace is listed as SPF Record.
553-SPF (Sender Policy Framework) domain authentication fail
Under Services > Anti-Spam >Spoofed Sender Detection, Use SPF is enabled and set to the action of Block and Delete. When this feature is enabled, all inbound emails will be verified against the SPF policy of the Env Sender. If the Env Sender publishes a hard-fail SPF policy and the inbound email fails SPF verification, the action of block and delete will be enforced and a 5xx error is returned to the sender. SPF record set to soft-fail will not trigger the action.
When a legitimate email is being blocked due to SPF, then the sender needs to contact their DNS administrator to inform them that the IP address being used is not listed as approved on their domain's SPF record. The DNS administrator can either correct this or change the SPF record to a soft-fail while this is being corrected on their end. Having the sender's DNS administrator correct the SPF record is the recommended action by Symantec.
If the email is time sensitive and must be received before the sender can get the SPF record modified, there are a few options available in ClientNet and will be up to the company's discretion on which is best for the situation.
All portal changes will take up to 1 hour to fully propagate in the system. Once the change has propagated, the sender will need to resend the email.