In the spam folder of Gmail can be found illegitimate spam emails apparently sent from my own domain email address but from an origin not allowed by SPF. The domain is on G Suite emails. SPF is allegedly correctly setup as "v=spf1 include:_spf.google.com ~all". What is the expected behavior of Gmail in that case. Should it delete those emails so they do not even reach the spam folder or should they appear in spam.
Answer
Given the ease of messing up an SPF record, Gmail appears to consider a failing SPF check as a major factor for the spam score of an email, but it's possible for it to still wind up in the inbox.
To my knowledge, Gmail will not just silently delete an email by default.
If you're in a Google Apps install, there may be rules the administrator put in place. This doc indicates a DMARC record may be used to have SPF-fail email deleted.
No comments:
Post a Comment