Cisco RES - ORF Forums

Cisco RES RSS Back to forum


I'll start here with a question...

We have a client who is a customer of Cisco's Registered Envelope Service. Basically, secure email. Nothing new.

However, when someone here attempts to send an email to this client AND copy himself or his secretary, the copy bounces due to... you guessed it, SPF hard fail.

Obviously, since it's a Cisco server processing the main and sending it as us, it's going to fail SPF. I really don't want to try to figure out and add RES servers to my SPF string.

Anyone dealt with this? Is there something in ORF that can accommodate this? Possibly some magic that can be worked? Unfortunately, CRES isn't listed in the Sender Score database.



by T. Hernlund 9 years ago

Disregard. I figured a solution. I asked Cisco about it and they gave me the IP blocks of their email server farms. Rather than include them in my SPF string, I simply excluded those IPs from the SPF test.

As I use ORF for hard fails only and my Exchange server for soft fails (which assigns an SCL and filters to Junk Mail as needed rather than dropping the message altogether), this allows my Exchange server to take over and filter them to Junk, which the users can control individually.


by T. Hernlund 9 years ago

@T. Hernlund: Hi,

If Cisco publishes an SPF policy with their service, you can also use the SPF "include" mechanism to merge their policy with yours. This is better than listing their IPs in your SPF record, because you do not have to maintain the list. You can learn more about this mechanism at

by Peter Karsai (ORF Team) 9 years ago
(in reply to this post)

New comment

Fill in the form below to add a new comment. All fields are required. If you are a registered user on our site, please sign in first.

It will not be published.
hnp1 | hnp2