Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 1 reply
  • Subscribers 18 subscribers
  • Views 3312 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Mailflow causing mail to fail SPF

Stuart James

Case: 06617332

Spent an hour on a remote session but support person clearly had no idea what they are doing.

I've just moved a brand new client who's never used any Sophos product before on to Central Mail and now all their SPF checks are failing and mail is bouncing back due to DMARC failing (set to reject).

Looking at the headers, the only SPF that is failing is the one below. Not quite sure why it's referring to a Sophos data centre in the US, but other Sophos tenants have the same in their headers and aren't blocked by DMARC.

As a workaround, I've told the client to change DMARC to p=none instead, but that's obviously not ideal.

Any ideas?

Received-SPF: Fail (protection.outlook.com: domain of ***** does not designate 198.154.181.225 as permitted sender)     receiver=protection.outlook.com; client-ip=198.154.181.225;     helo=mfod-usw2.prod.hydra.sophos.com;



Edited TAGs
[edited by: Raphael Alganes at 10:39 AM (GMT -8) on 2 Feb 2024]
Unfiltered HTML