This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SPF Policy - Allow a specific IP Address

Within the SPF Policy, you can add an email address or email domain to be accepted.

However, is there a way to allow a specific IP address?



This thread was automatically locked due to age.
  • In theory you could create a new SPF rule. enable advanced. set the rule config to none or fail.. then under message attributes add the IP and select IS .. then give it a main action and such.  

    then add it above your existing rule and save order//

    However this is NOT recommended and requires the correct envelope sender ips and header information.

     

     

    The recommended fix is to have abc.com fix their dns/txt  :)

     

    As per the RFC.

    SPF relays on the HELO identity of the client, or the Mail From Identity (aka the envelope sender)  the DNS name is then looked up resulting in the host dns information.  

    section 3 : https://www.ietf.org/rfc/rfc4408.txt  

    provides the basic reverse look up information, and section 3 has the requirements for a dns entry. your v=spf delegation must resolve properly.

    " Domain owners wishing to be SPF compliant must publish SPF records for the hosts that are used in the "MAIL FROM" and "HELO" identities. The SPF records are placed in the DNS tree at the host name it pertains to, not a subdomain under it, such as is done with SRV records. This is the same whether the TXT or SPF RR type (see Section 3.1.1) is used. The example above in Section 3 might be published via these lines in a domain zone file: example.com. TXT "v=spf1 +mx a:colo.example.com/28 -all" smtp-out.example.com. TXT "v=spf1 a -all" When publishing via TXT records, beware of other TXT records published there for other purposes. They may cause problems with size limits (see Section 3.1.4). "


    You should not be making this kind of rule to accommodate a domain that has invalid / bad dns or has incorrectly set up their txt record.