Hi all,
I'm encountering a strange problem with a FortiMail unit ad an environment with both on-premise and in-cloud mailbox.
The problem regards the incoming email flow.
When an email is sent to a mailbox on premise (hosted to the local Exchange Server), no problem.
When an email is sent to an in-cloud mailbox, I have 2 steps involved:
[ol]
This happens with the message:
SPF=FAIL: (envelope from first.last@sender.com) indicates that MTA (1.2.3.4) is not permitted to send email for sender.com
Where :
[ul]
From what I understand, my public IP address is not form the ones allowed to send email as @sender.com (and this is correct).
The question is: how could I avoid to perform SPF Check only in this cases?
I'd like to disable SPF check from mail sent from my internal Exchange Server and the in-cloud domain but I don't think this could be done.
Any idea?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Simple, If the FML is handling the mail than write a policy allowing the internal mailserver to send and "with a AS policy" that has no SPF check.
WebGUI
Policy > Policies
You should be able to order that policy to avoid AS policy issues ( thresholds,sessions, AS rating ,etc......) Just be sure that you can send mail for that domain and have a correct TXT or SPF DNS RR.
PCNSE
NSE
StrongSwan
Not so simple since I shoud create a policy with an IP as a Source (the internal Exchange Server) and a domain as destination.
But the policies are IP ---> IP or sender --> recipient
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1629 | |
1062 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.