Correct email forwarding despite strict SPF checking thanks to SRS

Updated 11 months ago by Gerhard Kleewein

The primary reason for setting up an SPF record is to prevent SPAM from being sent from a domain name. An SPF record defines which IP addresses shall be allowed to send email for a domain name and how receiving mail servers must treat emails originating from non-permitted IP addresses.

SPF reaches its limits when forwarding external e-mails.

The fundamental problem: The forwarding email server is very likely not authorized to send emails from the sender domain due to the SPF record (forwarding/redirecting is one form of sending emails).

To eliminate this fact, EDIS implemented an (experimental) technology called SRS https://en.wikipedia.org/wiki/Sender_Rewriting_Scheme.

SRS rewrites the "envelope sender" and each email is provided with a cryptographic "hash" so that forwarding against the SPF configuration is possible.

Wenn SPF providerseitig nicht korrekt implementiert bzw. nicht durch SRS komplettiert wird, kommt es bei Weiterleitungen zu SPF Fehlern.

5.0.0 smtp; 550 rejecting for sender policy framework

Correct email forwarding despite strict SPF checking thanks to SRS

How did we do?

eMail error: rejecting banned file attachment - blocked attachment

Configure a domain for Microsoft Office 365

Related Articles

EDIS default SPF record

Google Error Message: This message does not have authentication information or fails to pass

IP addresses of the EDIS mail systems

Related Articles

eMail error: rejecting banned file attachment - blocked attachment

Configure a domain for Microsoft Office 365

Google Error Message: This message does not have authentication information or fails to pass

IP addresses of the EDIS mail systems