Many of the services we use in our intranet send emails: the scanner, gitlab, wekan, etc.
Traditionally, before using axigen, we would whitelist the particular IPs of the devices/services that produce email over our private network.
With axigen, we are struggling. How is this supposed to be done?
So far, I have created an specific smtp-incoming listener, so that we can use intranet SSL certificates, and a rule in the routing to allow messages from an specific local IP.
However, SPF checks are failing, I think they happen before this routing rule.
What is the best way to handle internal (intranet-only) email with Axigen?
Please know that if your intention is to exclude the email messages sent from a certain IP address from the SPF check in Axigen then you may create the following SMTP acceptance rule:
navigate into the Webadmin interface to Security & Filtering -> Acceptance & Routing -> Advanced Settings
click the âAdd Acceptance / Routing Ruleâ button
write a suggestive name for the rule
In the Conditions section:
select Remote address -> Ip -> add the condition -> type the IP address in the textbox
select DNS checks -> SPF -> add the condition -> select âFailâ in the combo box next to âSpf result isâ
Important : at the top of the conditions section select âALL of the conditions belowâ, in the combo box next to âFor incoming messages that matchâ
In the Actions section select SMTP -> action -> add the action -> select âAcceptâ in the combo box next to âSMTP actionâ -> optionally type an explanation in the textbox, for example: SPF exception for my.host.name