Some domains (including most prxy hosted domains) include special DNS records (see Using the Sender Policy Framework (SPF)) that documents what mail servers may send mail for this domain. A mail server may say that its servers "should" send mail for the domain (so other servers sending may be legitimate but are more likely to be spam), or they may say the domain's servers "must" send mail for the domain. In this case, they are expecting sending servers to reject email from any other servers.
Our Spamblock rules honor these definitions. If a domain says that only specific servers are expected to send mail, we will add to the spam score if they do not. We add just a little if the sender says they "should" send through specific servers, and more points (assuring the email is trapped) if the sender says they "must" send through specific servers.
This is usually the correct approach, and protects you from well know senders being forged to send you spam. However, sometimes a domain is misconfigured (or perhaps just not up to date). Or, most forwarding will also look forged because it uses the sender's email address but sends through the forwarding server.
If you find that some email is blocked with the icon indicating SPF failure, you can fix this by adding an SPF rule in your own account (or your whole domain, if you are a domain administrator). Either follow the instructions below, or contact us to help you.
- Log in to Spamblock
- Click Rules > SPF Rules
- Add the domain in the top line in the blank box under Domain
- Leave the score boxes blank (or enter a 0 in each box, which will have the same result)
- Click the Submit Changes button at the right of the top line (or at the bottom of the rules)
Email from this sending domain will no longer be scored for SPF so it will get through, and will honor your Always Accept rule.