- Newest
- Most votes
- Most comments
It looks like you want to use a custom MAIL FROM domain (icn.org.au). Since it is a custom domain, you need to have the appropriate SPF record configured in your DNS. If you use the Amazon SES FROM domain, then AWS takes care of the SPF setup for you.
This issue is due to a SMTP redirect/forwarding scenario. The headers indicate that the message was sent by SES and delivered to smtp-mx-server-8.servers.netregistry.net. During this hop the message passes SPF.
During the next hop smtp-mx-server-8.servers.netregistry.net delivers the message to inpre01.tmes.trendmicro.eu. It fails SPF because smtp-mx-server-8.servers.netregistry.net is not in the SPF policy for ap-southeast-2.amazonses.com
An intermediary SMTP server should rewrite the MAIL FROM address to something within a domain it controls.
If you trust smtp-mx-server-8.servers.netregistry.net then you can configure a custom MAIL FROM domain and add the necessary IP addresses to that domain's SPF record, as @rowanu instructed.
On the other hand, if you have no idea what that server is (who controls it, etc), then you should not authorize it via SPF. The recipient you are sending to is using a incompatible email forwarding service/strategy. This is likely resulting in most of their incoming email being rejected, and their downstream mailbox is likely not getting very much email from you or anyone else.
Relevant content
- asked 2 months ago
- asked 5 years ago
- asked 3 months ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago