You can enable Sender Policy Framework (SPF) to allow Hosted Email Security to evaluate the legitimacy of sender's email address, before delivering the email to the recipient.

  1. Go to Inbound Protection > Domain-based Authentication > Sender Policy Framework (SPF).
  2. Select Enable SPF to enable SPF in Hosted Email Security. Clear this check box to disable SPF.
  3. Click OK on the confirmation dialog box.
    Note:

    The confirmation dialog box only appears if the domain selected in Managed domain is all my domains.

  4. If you also want to add the SPF check result into the email message's xheader, select Insert an X-Header into email messages, and then click OK on the confirmation dialog box. Clear this check box to disable this setting. Hosted Email Security adds messages similar to the following in email message's xheader named X-TM-Received-SPF:

    Status

    xheader

    Pass

    X-TM-Received-SPF: Pass (domain of example_address@example.com designates 10.64.72.206 as permitted sender) client-ip=10.64.72.206; envelope-from=example_address@example.com; helo=mailserver.example.com

    Fail

    X-TM-Received-SPF: Fail (domain of example_address@example.com does not designates 10.64.72.206 as permitted sender) client-ip=10.64.72.206; envelope-from=example_address@example.com; helo=mailserver.example.com

    SoftFail

    X-TM-Received-SPF: SoftFail (domain of transitioning example_address@example.com discourages use of 10.64.72.206 as permitted sender) client-ip=10.64.72.206; envelope-from=example_address@example.com; helo=mailserver.example.com

    Neutral

    X-TM-Received-SPF: Neutral (10.64.72.206 is neither permitted nor denied by domain of example_address@example.com) client-ip=10.64.72.206; envelope-from=example_address@example.com; helo=mailserver.example.com

    None

    X-TM-Received-SPF: None (domain of example_address@example.com does not designate permitted sender hosts) client-ip=10.64.72.206; envelope-from=example_address@example.com; helo=mailserver.example.com

    PermError

    X-TM-Received-SPF: PermError (domain of example_address@example.com uses mechanism not recognized by this client) client-ip=10.64.72.206; envelope-from=example_address@example.com; helo=mailserver.example.com

    TempError

    X-TM-Received-SPF: TempError (error in processing during lookup of example_address@example.com) client-ip=10.64.72.206; envelope-from=example_address@example.com; helo=mailserver.example.com

    InternalError

    X-TM-Received-SPF: InternalError (fail to lookup of or get meaning result of example_address@example.com) client-ip=10.64.72.206; envelope-from=example_address@example.com; helo=mailserver.example.com
    Note:

    If the value of envelope-from is blank, the value of helo will be used instead for the SPF check.

Parent topic: About Sender Policy Framework (SPF)