Configuring SPF Settings

Configure Sender Policy Framework (SPF) settings to allow Deep Discovery Email Inspector to determine whether a sender is permitted to send email messages for a domain, before delivering the email messages to the intended recipients.


Deep Discovery Email Inspector is unable to perform HELO/EHLO identification if it is deployed as a non-edge MTA.

  1. Go to Administration > Sender Filtering/Authentication > SPF.
  2. Select Enable Sender Policy Framework (SPF).
  3. For HELO/EHLO identity, select Enabled to check the sender information in HELO/EHLO commands; otherwise, select Disabled.
  4. To add verification result into the message header, select Insert X-Header into email messages.
  5. Specify the sender domains to verify. Select All to perform SPF record checking for messages from all sender domains; otherwise, select Specify sender domains and complete the following steps to add sender domains to the verification list.
    1. Type a domain.
    2. Click Add.
    • Enabling SPF validation for all domains may affect system performance.

    • To remove a sender domain from the list, select the entry and click Delete.

  6. Specify the action to perform based on the verification result.
    • Bypass: Select this option to allow Deep Discovery Email Inspector to continue processing of the message.

    • Block temporarily: Select this option to temporarily block the message. The sender can send the same message to Deep Discovery Email Inspector to perform the verification again.

    • Block permanently: Select this option to permanently block the message. When a new message is received from the sender, Deep Discovery Email Inspector performs the verification again.

  7. Click Save.