On Tue, Dec 5, 2023 at 10:27 AM F Bax <fbax...@gmail.com> wrote: > > A couple of email addresses on my OpenBSD server are forwarded to microsoft > domains. For quite some time; this has worked flawlessly. Recently > something changed. Now, an email sent from sendgrid.com to my server > results in a bounced message from outlook.com with this error. > > received-spf: Fail (protection.outlook.com: domain of > u3352509.wl010.sendgrid.net does not designate 64.140.xxx.yyy as permitted > sender) receiver=protection.outlook.com; client-ip=64.140.xxx.yyy; helo= > myserver.ca; > > Where xxx,yyy & myserver hide real values. > It seems outlook.com believes my server is "sending" email for sendgrid; > whereas originating server is valid and my server is just forwarding. > Anyone else encounter this situation; is there a way to resolve this?
I would suspect that this is because you unwittingly are - if the email gets forwarded as is rather than changing the To: field in transit, the email goes out as "bounce+blahblahhardtofilterbulls...@u3352509.wl010.sendgrid.net" rather than something like "postmas...@myserver.ca", triggering Sendgrid's SPF protection. I'm guessing Outlook Online/MS364 is being more aggressive in SPF checks now. As for a way to resolve, that may depend on your MTA (base or one from ports? Not a safe assumption to make), but as I'm not doing this or using an MTA on OpenBSD, I'm not at a liberty to say. -- Aaron Mason - Programmer, open source addict I've taken my software vows - for beta or for worse
