Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.
Table of Contents
Overview
This recommended read describes the action MTA will perform on specific SPF results.
What to do
| SPF Result | Explanation | Action by MTA |
|---|---|---|
| Pass | The client is authorized to inject mail with the given identity. | Accept |
| Fail | The client is not authorized to use the domain in the given identity. | Reject |
| SoftFail | The host is probably not authorized | Accept |
| Neutral | ADMD has explicitly stated that it isn’t asserting whether the IP address is authorized | Accept |
| None | No syntactically valid DNS domain name was extracted from the SMTP session that could be used to authorize it, and no SPF records were retrieved from the DNS. | Reject |
| Permerror | The domain's published records couldn’t be correctly interpreted. This signals an error condition that requires DNS operator intervention to be resolved. | Accept |
| Temperor | The SPF verifier encountered a transient (generally DNS) error while performing the check. | Accept |
Revamped RR
[edited by: Erick Jan at 10:07 AM (GMT -7) on 18 Sep 2024]