Sophos XG 17.5 - SPF Check not working

I installed Sophos XG 17.5 on a Sophos XG in HA Active/Passive Cluster.

Yesterday and today we received several E-Mails from user@domain.com to our internal domain user@domain.com.

SPF-Records are set for domain.com.

The E-Mail was sent from an external adress that doesn't match the SPF-Record.

All these mails were accepted without restrictions or filtered out as beeing probable Spam.

 

The Policy is configured accordingly and SPF Check is activated in the Policy.

It looks like SPF isn't checked at all.

 

I already opend a ticket with our Distribution and waiting for response.

Anyone here experiencing the same?

  • In reply to Jelle:

    Not checking SPF because senders don't set their SPF Records correctly is not the solution.

    That's a problem or the sender that the sender should address.

  • In reply to Bjoern Ebner:

    In the beginning I started to address these senders and their admins but nothing happened. Didn't even get response. And internal users kept pushing because they didn't get expected mails from these senders. So what to do?

  • In reply to Jelle:

    The last resort would be to configure a Exception for those sender domains.
    But that is something that the sender should adress because in this case you are not the only one who can't receive mails of this sender.

    If no SPF-Record is set there is no problem.
    If a SPF-Record is set the administrator of the sender should know what he does.

    If not he has to expect E-Mails not being delivered anymore.

     

    I didn't have the experience that many SPF-Records are set incorrectly.

  • In reply to Bjoern Ebner:

    The issue is not solved in 17.5 MR3. We have targeted it for fix in 17.5 MR4 release.

     

    Thanks

  • In reply to vishalpatel:

    Thank you for the update. :)