Check SPF on outgoing mails

[anoniempje]

Hi,

I was wondering if its possible to have PMG scan outgoing mails and check the SPF of its even allowed.
This because we see a lot of mail where the from address has changed or set by PHP and they are not even allowed to send mail from that given domain. I have been searching but i cant really find a good solution to his.

 

[BJ78945]

Hi,

PMG is a Proxy. Outgoing mails came from your internal Mailserver and normally incoming mails came across PMG to your internal Mailserver. SPF Records are for the public site. So they should point to the PMG if it is used for outgoing mails and not to your internal mailserver. So you have to check the config of your internal mailserver why it is allowed to spoof mail addresses. Normally you could lock to only send with addresses which belongs to the logged in user. Don't allow any php or other scripts to directly send from the mailserver without authetication. So I think it must be solved on your internal mailserver.

 

[anoniempje]

Hi,

While I do agree with you on that, disabling PHP-mail and forcing our users to use SMTP on their forms is simple a no-go on the current environment. The impact of making such change is simple to big.

I have installed a new env. to test stuff on and i notice that it does work there so I'll do some more digging to see what is going on on the prod env.

Thanks