Forum Discussion
Exchange Online Protection SPF record
Hi, I have received a message sent via Exchange Online host IPv6 "2603:10a6:20b:c0::31". The message was marked as spam because of SPF fail. Subnet "2603:10a6:20b:c0::/64" is not in the list of O365 ...
Just found this post while searching for "SPF Failed for IP - 2603:10a6:102:ad::15". The issue is still there! I cannot believe that MS is aware of having such a problematric issue and not fixing it for months. We are losing money when our emails are filtered out!
For us, it's already too late - we migrated all our services to the cloud years ago ... including exchange 365. But for someone thinking about a migration, I would suggest to wait until this issue has been addressed, fixed and the fix has been publicly announced. Today, I would NOT migrate to exchange 365, because of this issue and the way Microsoft fails to handle it. Email is one of the core services for companies today - a SaaS provider must be able to address such issues quickly and in an appropriate way.
- This issue might not be resolved by MS soon or ever, because their infrastructure is huge and with a lot of moving parts. I did not get any help from MS365 support, because the issue is so hard to reproduce. Something you can do is activating DKIM signing for sending domains so that your messages could pass authentication despite issues with SPF.
I've come across the same issue. Many of my coworkers are using an old version of Outlook which sends mail through smtp.office365.com. Apparently this server uses IP addresses starting with 2603:10b6. However none of these servers are included with
"v=spf1 include:secureserver.net ~all"
So all their mail fails spf and gets flagged. Going through these servers also does not use the DKIM I set up. However if we use the web based email the servers used pass SPF and DKIM is used.
I wish MS would add all the correct IP's to their secureserver.net.
