SPF validation fails on messages that should not
search cancel

SPF validation fails on messages that should not


Article ID: 175500


Updated On:


Messaging Gateway


When using SPF setting "Authenticate only the following domains", both SPF and SenderID content rules will trigger on an existing SPF Authenication-results header in an email from a domain that is not supposed to be checked for SPF.


This is a known issue at the moment.
Please follow the workaround below to resolve temporarily.
1) In the Messaging Gateway web interface, go to Spam > Sender Authentication, and set an "Authentication Service Identifier" of your choice, but different from the default one, then save. 
2) Go to Content > Policies > Email and edit the active policy for sender authentication. Change the current Content Filter rule on SPF validation, and add the following condition:
Ensure you specify the same authentication ID as in step 1.
3) Ensure to select ALL as the operator for conditions, as follows:
4) Save