Email from one of our customers is failing SPF and is being flagged as spam. I am helping them work through the issue, but I want to make sure that it isn’t on my end to avoid looking too stupid.
Their domain is rochesterartcenter.org. From the email header, the email is delivered by Google:
Received: from mail-il1-f180.google.com (mail-il1-f180.google.com [126.96.36.199]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested)
Their TXT records are:
rochesterartcenter.org. 300 IN TXT "v=spf1 a:rochesterartcenter.org include:sendgrid.net include:mailman.bloomerang-mail.com -all" rochesterartcenter.org. 300 IN TXT "google-site-verification=Ifm38gWyJHgj7ml3mYTyF4BVTElSnytai-BgNB1BL2I"
I’m not real familiar with how the ‘include’ part of the SPF works.
Their MX records are:
rochesterartcenter.org. 300 IN MX 10 alt4.aspmx.l.google.com. rochesterartcenter.org. 300 IN MX 10 alt3.aspmx.l.google.com. rochesterartcenter.org. 300 IN MX 1 aspmx.l.google.com. rochesterartcenter.org. 300 IN MX 5 alt1.aspmx.l.google.com. rochesterartcenter.org. 300 IN MX 5 alt2.aspmx.l.google.com.
From what I’m seeing, they are using mail service from Google and the DNS is from Cloudflare.
As I said, I think the issue is on their end, but is it possible that there is actually a configuration issue on my end? I don’t remember customizing the SpamAssassin portion of my server. The only real custom stuff is I am using external DNS.