SPF failure when alias to external domain

Patric F.
  • Patric F.

    Patric F. - 2013-06-05


    I have an address, info@domain.com, which is an alias. I have it set to forward mail to 3 internal adresses and 3 external (I don't host these external addresses in any way).
    It works fine to send to this address and everyone receives it. BUT, when a sender has a SPF-record the server that hosts the external addresses complain about SPF failure because of course I'm not allowed to send mail for that domain.

    Have I configured this completely wrong or is the external server wrong here?
    How do I fix this?

    Shouldn't I be able to forward to whom ever I want, even if I don't host the address?


  • Simon Hobson

    Simon Hobson - 2013-06-05

    Yes, you've hit just one of the fundamental problems with SPF. It's completely broken with regard to real-world handling of mail - whether that be forwarding of mail as you have, or regular mailing lists of which there are many thousands (millions ?) around the world.

    AIUI, the supporters of SPF say that to get round this, forwarders/list handlers should add a header that effectively says that they're forwarding a mail from an SPF allowed address. IMO that's basically allowing an unverified 3rd party to say it's doing the right thing and allows any spammer to make such a false claim.

    So IMO, SPF is just another way to break mail.

    EDIT: No you can't fix it, just tell the admins of the server that's doing SPF checks that they're config is broken, and it's their fault for using a process designed to break legitimate mail handling.

    Last edit: Simon Hobson 2013-06-05
    • Patric F.

      Patric F. - 2013-06-10

      Thanks for the informative reply! It helped a lot.


Log in to post a comment.