05-04-2020 11:16 AM
Hi, I have received a message sent via Exchange Online host IPv6 "2603:10a6:20b:c0::31". The message was marked as spam because of SPF fail. Subnet "2603:10a6:20b:c0::/64" is not in the list of O365 servers Microsoft provides: https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges#exchange-online
I see this type of thing happening quite often, both with IPv4 and IPv6 hosts in Exchange Online , with messages sent by legit senders via Exchange Online. What would be the right procedure to deal with this? more than registering a case in O365 admin portal.. Thanks, Ruslan
05-04-2020 12:45 PM
If you think these messages are being sent by legit Exchange Online senders, then I would say it is the senders responsibility to check and modify their SPF records accordingly to ensure all legitimate entries are included.
05-05-2020 08:28 AM
@PeterRisingsender's SPF is OK
"v=spf1 include:spf.protection.outlook.com -all"
but the IP of the exchange online transport server used was not in the list of host in spf.protection.outlook.com , message header states "protection.outlook.com does not designate 'sample ip here' as permitted sender". BR, Ruslan
01-11-2021 11:06 AM
I'm facing the same issue in certain circumstances. Did you happen to find a solution for this?
01-15-2021 08:09 AM
@Patrick_Tippner no, sadly, i have not found any solution or explanation to this..