MDaemon 10.x: How to configure MDaemon to check SPF records

This article explains how to configure MDaemon to check SPF records of incoming messages.

  1. Open the MDaemon user interface
  2. Click Security from the menu bar.
  3. Click Security Settings...
  4. Select SPF / Sender ID on the left.
  5. Check the box for Verify sending host using SPF.
  6. If you would like a permanent error sent when the returned SPF result is FAIL check the box for When verification returns a FAIL result: ...send 550 error code.
  7. If you would like the connection to then be closed check the box for ...and then close the connection.
  8. If you are using MDaemon Pro you can control the amount that is added to the spam score for each message based on the SPF result. The defaults usually work well.
  9. If you would like a Received-SPF header added to incoming messages check the box for Insert ‘Received-SPF’ into messages.
  10. To not insert the Received-SPF header when the SPF result is 'none' enable the check box for ...except when the SPF result is 'none'
  11. When forwarding mail to another domain, MDaemon can (and should to make verification easier) use the local address that is doing the forwarding as the MAIL FROM: during the SMTP session. To enable this be sure to check the box for Use local address in SMTP envelope when forwarding messages.
  12. To exclude sessions that use SMTP Authentication from the SPF processing check the box for Authenticated sessions are exempt from SPF/Sender ID verification.
  13. To exclude trusted IPs from SPF processing check the box for Connections from trusted IPs are example from SPF/Sender ID verification.
  14. If you would like to cache SPF results check the box for Cache verification results.

Additional Comments

This article refers to MDaemon 10.x and above. For information on how to resolve this in previous versions, please see the link below.