I'm testing out PMG as a mailproxy for my Exchange server.
I noticed that it's possible for me to send an email from ****.com to ****.com, creating a phising mail, from a simple SMTP testing tool (****.com represents my own domain).
PMG runs on a container (in Proxmox) next to the Exchange server VM. I don't know if this is the reason it completely ignores the fact that the SPF is not matching (due to it being a local IP maybe, i'm not sure).
I just tested using another domain that has a valid SPF as well. It's e-mail goes through as well.
However, if i test with a big company (probably using dkim etc.) then PMG blocks the e-mail as it should.
Why is the SPF being ignored? What am i missing?
Thanks in advance
I noticed that it's possible for me to send an email from ****.com to ****.com, creating a phising mail, from a simple SMTP testing tool (****.com represents my own domain).
PMG runs on a container (in Proxmox) next to the Exchange server VM. I don't know if this is the reason it completely ignores the fact that the SPF is not matching (due to it being a local IP maybe, i'm not sure).
I just tested using another domain that has a valid SPF as well. It's e-mail goes through as well.
However, if i test with a big company (probably using dkim etc.) then PMG blocks the e-mail as it should.
Why is the SPF being ignored? What am i missing?
Thanks in advance