How to configure SPF to pass local IP address?

user46688 asked:

I have a database CentOS 7 server connected to an application CentOS 7 server via a cross connect cable. The mail server resides in the application server, with the following SPF configuration:

v=spf1 +a +mx +ip4:aaa.aaa.aaa.aaa +ip4:bbb.bbb.bbb.bbb ~all

where aaa.aaa.aaa.aaa and bbb.bbb.bbb.bbb are the external IP addresses for each server.

If the database server wants to send email via the application server using the local IP address (192.168.0.5), how can I configure SPF to either pass all local IP addresses (no checking done), or otherwise allow the local IP of 192.168.0.5 to pass SPF authentication?

Is the above configuration sufficient (e.g. based on external IPs), or do I need to do something additional to account for the internal IP address?

My answer:


You ignore SPF entirely in this circumstance.

You have an internal mail server which you intend to relay mail from other internal machines. You should configure it to always accept mail from those machines. How you do that depends on what mail server software you are using, which you didn’t specify. Check its documentation.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.