Gmail re-routed mails get rejected by SPF filter

somebody2000

Member
Jul 17, 2020
4
0
6
34
My PMG is rejecting various mails to a certain recipient address which is registered as rewritten "envelope recipient" in Googles mail "default routing" settings.
And PMG is right: it rejects those mails because the senders SPF records don't mention the Google SMTP servers ("*.unverified-forwarding.1e100.net").

Now - I actually do want these mails to be delivered.
Is there a way to create entries in the SMTP whitelist to allow the Google SMTP server to deliver messages for a certain receipient or recipient domain. Without skipping SPF checking for this recipient from other SMTP servers (sender)?
 
You could whitelist all of google's IPs used for those particular servers - but you'll have to ask Google or their documentation for a list of those IPs

I hope this helps!
 
Thanks. I found a post here in the forum showing how to edit the main.cf to allow certain domains in the smtp_recipient_restrictions & client access via a regexp map. This solved it for me.
 
BTW: whitelisting the IPs from google would be tedious, since it's a moving target. See DNS TXT record of _spf.google.com