question

PaulB-5903 avatar image
0 Votes"
PaulB-5903 asked KyleXu-MSFT commented

SPF Recors for Additional domains

Hi

I have some questions around SPF records.

If we have a domain lets call it main-domain.com and main-domain.com has its own SPF record which includes a mailer and also include:spf.protection.outlook.com -all

If we have a second domain second-domain.com and we want that domain to be able to send email as main-domain.com I assume we would add main-domain.com to the SPF record of second-domain.com using include: main-domain.com

Also where does the include:spf.protection.outlook.com -all come in here? All mail is going out via Online so no on prem. Does include:spf.protection.outlook.com also require adding to the spf record of second-domain.com?

office-exchange-server-administration
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@PaulB-5903

The SPF record use Return-Path to verfify your domain. When "second-domain.com" send as "main-domain.com", the email address show in Return-Path is "main-domain.com".

So, I think you donot need to add "main-domain.com" to the SPF record of "second-domain.com".

You can also double check this with your DNS provider.

0 Votes 0 ·

@PaulB-5903

I am writing here to confirm with you any update about this thread now. Does SPF work for your organization now?

0 Votes 0 ·
michev avatar image
0 Votes"
michev answered

If you add the include clause, it will retroactively add any additional includes. In fact, if you check the spf.protection.outlook.com record, you will see additional includes therein.
Just be mindful of the 10 lookups limit. There are free "SPF validator" tools online, run the proposed new record against them before making the change, just in case.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

PaulB-5903 avatar image
0 Votes"
PaulB-5903 answered PaulB-5903 edited

Hi

Thanks but that has not really answered my query?

So adding a domain into the include of an SPF record allows that domain to 'send as' the domain that hosts the SPF record as per my example above if second-domain is added into the SPF record of main-domain than that allows second-domain to send as main-domain?

Also should spf.protection.outlook.com be added to all domains that send via online exchange?

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.