Why did SPF cause my mail to be rejected?

What is SPF?

SPF is an extension to Internet e-mail. It prevents unauthorized people from forging your e-mail address (see the introduction). But for it to work, your or your e-mail service provider's setup may need to be adjusted. Otherwise, the system may mistake you for an unauthorized sender.

Note that there is no central institution that enforces SPF. If a message of yours gets blocked due to SPF, this is because (1) your domain has declared an SPF policy that forbids you to send through the mail server through which you sent the message, and (2) the recipient's mail server detected that and blocked the message.

receiver@example.com rejected a message that claimed an envelope sender address of user@example.com.

receiver@example.com received a message from () that claimed an envelope sender address of user@example.com.

However, the domain example.com has declared using SPF that it does not send mail through (). That is why the message was rejected. According to this SPF definition:

example.com descriptive text "v=spf1 -all"

If you are user@example.com:

example.com should have given you a way to send mail through an authorized server.

If you are using a mail program as opposed to web-mail, you may need to update the "SMTP server" configuration setting according to your ISP's instructions. You may also need to turn on authentication, and enter your username and password in your mail program's options. Please contact your ISP for assistance.

If you run your own MTA, you may have to set a "smarthost" or "relayhost". If you are mailing from outside your ISP's network, you may also have to make your MTA use authenticated SMTP. Ideally your server should listen on port 587 as well as port 25.

If your mail was correctly sent, but was rejected because it passed through a forwarding service, as an interim solution you can mail the final destination address directly (it should be shown in the bounce message). See the forwarding best practices (or refer the recipient there) for the discussion of a proper solution.

If you need further help, see our support section for free support and professional consulting services.

If you are confident that your message did go through an authorized server:

The administrator of the domain example.com may have incorrectly configured its SPF record. This is a common cause of mistakes. example.com descriptive text "v=spf1 -all"

Here's what you can do: Contact the example.com postmaster and tell them that they need to change example.com's SPF record so that it authorizes .

If you refer your postmaster to this web page, they should be able to solve the problem.

If you did not send the message:

SPF successfully blocked a forgery attempt; someone tried to send mail pretending to be from user@example.com , but the message was rejected before anybody saw it. This means SPF is working as designed.