Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

FortiMail SPF Fail without the SPF Check is activated

Hi erveryone,

We use the FortiMail only as a filter.
The MTA is provided by an external service provider.
The FortiMail is therefore between our service provider and our internal mail server.

We have deactivated the SPF check in the Antispam and in the Session Profile, because this is not needed in our construct.
Nevertheless we get in the log for most mails a SPF Fail/Softfail with the message "that MTA (IP address) is/may not permitted to send email for ....".
The mails are processed and sent correctly but this log entry bothers us.

We are aware that the external MTA will normally trigger SPF since the mail is not sent from the original mail server to FortiMail.

Is it possible to disable the entry, it is not relevant for us or is there another hidden setting somewhere that enables SPF checking?

Are any of you aware of a similar problem or could it be something else?


Thank you in advance!!

Community Manager
Community Manager

Hello FisherManFriend,

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Anthony-Fortinet Community Team.
Community Manager
Community Manager



We are still looking for someone to help you.

We will come back to you ASAP.


Anthony-Fortinet Community Team.
Top Kudoed Authors