Forum Discussion

tsula's avatar
tsula
Copper Contributor
Jun 26, 2020

office 365 mail SPF Fail but still delivered

Hello

today i received mail from my organization. i check headers and see that spf failed.

Received-SPF: Fail (protection.outlook.com: domain of mydomain.com does not
designate 67.220.184.98 as permitted sender) receiver=protection.outlook.com;

 

why spffailed mails normally received? 

 

i check SPF at mxtoolbox and SPF is correctly configured.

  • Geno_C7's avatar
    Geno_C7
    Copper Contributor

    tsula I solved the problem by creating two Transport Rules. The first one reads the "Received-SPF" line in the header information and if it says "SPF=Fail" it sends the message to quarantine. The second one reads the "Authentication-Results" line in the header information and if it says "Fail" sends the email to quarantine. Hope this helps.

  • Failing SPF will not cause Office 365 to drop a message, at best it will mark it as Junk, but even that wont happen in all scenarios.

  • RNalivaika's avatar
    RNalivaika
    Iron Contributor

    tsula firstly, this mostly depends on the spam filtering policy you have configured. Secondly, if your user has the sender's address added to their safe senders list, or sender address is in contacts + contacts are trusted, the message would skip spam filtering and be delivered to inbox.

    If you provided a sample message header, we might be able to tell you more.

    • davyvaessen's avatar
      davyvaessen
      Copper Contributor

      Microsoft please explain how this is designed behavior in this day and age?

       

      Sorry, but this is unacceptable!

       

      RNalivaika This is defunct out of the box! The default HAS to be secure and currently it is NOT.

      • Tobse_'s avatar
        Tobse_
        Copper Contributor
        "Security by design" 🙂

Resources