Sonicwall | Related IP | Failed SPF Checks - ORF Forums

Sonicwall | Related IP | Failed SPF Checks RSS Back to forum

1

I installed a sonicwall nsa2400 firewall and I'm nating the public IP to our email server. On all emails coming in ORF is reporting the "Related IP" as our public IP for the mail server which I'm guessing is why emails are failing the SPF checks.

Does anyone know exactly whats happening?

Thanks,
Jean

by Jean Davis 8 years ago
2

@Jean Davis: I got a fix from Sonicwalls forums on this already. The firewall was changing the IP on the email header to our public IP.

by Jean Davis 8 years ago
(in reply to this post)

3

@Jean Davis: Glad to hear the problem has been solved.

In case the firewall (or any relaying hosts between ORF and the internet) adds its on delivery information to the MIME email headers (as a Received: from line) instead of allowing emails thru "transparently", then it should be added to the Intermediate Host List of ORF, so ORF will skip them when analyzing the headers.

We often see such issues with secondary MXs: if ORF is unaware of them, it will consider the secondary MX IP (which relays to the primary where ORF runs) as the sender, and all emails will be blocked by the SPF test if the domain owner has an SPF policy ending with "-all" published:

http://blog.vamsoft.com/2010/05/26/spf-test-and-intermediate-hosts/

by Krisztian Fekete 8 years ago
(in reply to this post)

New comment

Fill in the form below to add a new comment. All fields are required. If you are a registered user on our site, please sign in first.

It will not be published.
hnp1 | hnp2