Stephen Dolphin 0 Posted October 9, 2018 Share Posted October 9, 2018 I have started using the SPF checking feature in Mail Security for Exchange v7.0. I have, following the documentation, turned off the automatic rejection and instead set up a rule which quarantines the message so that I can then later inspect it and release it. It appears to me that the software does not understand how to do with soft-fails at the end of SPF records. Normally a "~all" would indicate to the checking software (ESET) that it should allow the message but provide some sort of warning? It seems widely understood that such a soft-fail would result in the outright rejection of a message, but within ESET it does. Moreso there aren't different ways of handling soft and hard fails (e.g. it might be expected that a hard fail is rejected, but a soft fail quarantined). Has anyone else experienced this? Is there a workaround? Link to comment Share on other sites More sharing options...
jadorwin 1 Posted October 17, 2018 Share Posted October 17, 2018 (edited) Hello, I confirm that I have the same problem. I never understood why a soft fail was interpreted by a fail at the level of ESET. I think there should be way to nuance the treatment of an SPF result (main configuration + rules) following a soft or hard fail. Edited October 17, 2018 by jadorwin Link to comment Share on other sites More sharing options...
CNNS 0 Posted December 12, 2018 Share Posted December 12, 2018 Hi there, i too have configured some ESET Mailsecurity Installations with rules to test for SPF records. To mitigate this issue i am for the moment running a SPF-exception rule before the SPF-failure-to-quarantine rule to allow certain domains from being checked. This however covers only regularly incoming mails and requires a certain amount of management to release others from quarantine. Please advise how to improve this solution. Do we have to sign up for a feature request on this? greetings Link to comment Share on other sites More sharing options...
Administrators Marcos 4,919 Posted December 12, 2018 Administrators Share Posted December 12, 2018 It appears it was implemented today so the change will be included in the next version of EMSX: "Automatically reject messages if SPF check fails" will reject email only if it hard-fails. In the future we plan to introduce a new condition in rules, enabling to differentiate hard-failed and soft-failed messages. Link to comment Share on other sites More sharing options...
CNNS 0 Posted December 13, 2018 Share Posted December 13, 2018 Neat, awesome timing. Thank you for this, will have a look at coming updates. Link to comment Share on other sites More sharing options...
ESET Staff igi008 18 Posted December 13, 2018 ESET Staff Share Posted December 13, 2018 Thank you very much to Marcos for great work in this forum. We are planning release EMSX 7.0.10024.0 on Thursday 20th December (here will be accessible). We are very happy that you are using ESET products and of course many thanks for providing your valuable feedback. Link to comment Share on other sites More sharing options...
CNNS 0 Posted January 8, 2019 Share Posted January 8, 2019 Hi there again (and a happy new year), I see that the Autoreject has been altered to hard-fails. Which is nice. May I ask if there is a schedule for the upcoming rules feature? As in: On 12/12/2018 at 5:30 PM, Marcos said: In the future we plan to introduce a new condition in rules, enabling to differentiate hard-failed and soft-failed messages. Thanks in advance Link to comment Share on other sites More sharing options...
ESET Staff igi008 18 Posted January 8, 2019 ESET Staff Share Posted January 8, 2019 Hello (and happy new year to you too), we are planning to release build with mentioned rule on the end of January or on the beginning of February. Thank you very much for your interest, we are very happy that we can build products according the customers needs. 42 minutes ago, CNNS said: Hi there again (and a happy new year), I see that the Autoreject has been altered to hard-fails. Which is nice. May I ask if there is a schedule for the upcoming rules feature? As in: Thanks in advance Link to comment Share on other sites More sharing options...
ESET Staff igi008 18 Posted March 5, 2019 ESET Staff Share Posted March 5, 2019 (edited) Hello guys, the new version of EMSX has been released (7.0.10025).https://www.eset.com/int/business/mail-security-exchange/download/ SPF result rule was extended (currently is possible to configure an action for "Soft fail"). Enjoy the newest version. Many thanks for using ESET products! Edited March 5, 2019 by igi008 link filips and Peter Randziak 2 Link to comment Share on other sites More sharing options...
Recommended Posts