The SPF module makes use of SPF DNS records to check if the SMTP server connecting to IIS is allowed to send emails for the sender‟s domain.
When the SPF module checks the validity of an email, it will need the IP address of the connecting mail server and the sender‟s domain extracted from the SMTP sender email. After performing a DNS query, the results may be one of the following:
Blocking of the message by MailEssentials depends on the setting that is chosen in the MailEssentials configuration (None, Low, Medium or High). The SPF results that are blocked by each setting are listed in the MailEssentials SPF configuration window when the setting is chosen.
1. Emails originating from the local host (127.0.0.1, or localhost) are not checked by the SPF module. Localhost is always allowed to send emails. The other Anti-Spam checks are still done.
2. The SPF module is passed the IP address of the sending mail server, the email address that is specified in the envelope from (MAIL FROM), and the text that is specified after the "Helo" command by the sending mail server. Only if the "envelope from" information is missing will the information specified after the "Helo" command be used.
3. When checking the SPF record, one should note the sign next to the “all” keyword, which should be found at the end of the SPF record. If it is “–all”, emails sent from all other IP addresses not listed in the SPF record will result in Fail. If it is “~all”, emails sent from all other IP addresses not listed in the SPF record will result in SoftFail. If it is “?all”, emails sent from all other IP addresses not listed in the SPF record will result in Neutral
4. Only SPF version 1 records are supported by the current implementation of the feature in MES. You will notice the version number in the DNS record for the domain – if the TXT record starts with “v=spf1”, then it is version 1. If it starts with “v=spf2(.0)”, then it is version 2, and it is not checked by MES.