Login Code Email Failing SPF Security Check

When receiving the login code for Access, it’s generating an SPF Fail - Error from

[email protected]

Can someone fix the SPF record on this subdomain so these codes don’t end up in the junk folder?


John Wick

Probably not me. Would you happen to know what’s missing?

v=spf1 ip4: include:spf.mandrillapp.com include:_spf.sparkpostmail.com include:_privaterelay.appleid.com -all

From MXToolBox

More Information About Spf Record Null Value

A null record in your SPF record is commonly an indication of a problem with the related DNS lookup. In general, any mechanism that contains a DNS lookup should return a result. We trigger this sub-action because it’s much more common for a null record to be a problem affecting your email delivery over there being a null record on purpose like those in a Void Lookup

You can generally run an A record lookup on the domain/sub-domain in question to get more specific results.

Ah, so it has an invalid field/hostname. The closest person to mail I know here is @jsousabotto.

Interesting that it’s Apple’s private relay.

Yeah, no clue why CF would be using any Apple service in their ecosystem, that really threw me for a loop when I saw that.

Apple’s Private Relay uses Cloudflare. Now the question is how does that tie into email? Why would Apple Private Relay send email on behalf of Cloudflare? Maybe it’s some internal thing between the two companies…or was.

I can’t justify why Apple would be in a CF SPF record. That SPF record should only be for iCloud mail, nothing else. We would never run our corporate email through a third party like that, which would strip all our email corporate security features in the process.

It’s not like you need to anonymize the IP address for CF, which should be public for white lists & security.

I would seek guidance from whoever is responsible for Access and that DNS record for the justification.