SPF record and outside network email client

SPF record and outside network email client

I have a gwava appliance setup as a middle man between our GroupWise server and the world. The problem is we just created an SPF record and now email clients (outside the network) are getting a send failure problem. Is there an option that when someone authenticates through the Gwava appliance to our mail server that it will accept the mail?
We have the "SMTP relay agent target server" setup under "Configure Server" with our GroupWise server and under the configure domains setup with our GroupWise server under the "SMTP server" list with "Receive mail/Authenticate".
I'm not sure what I'm missing and any direction would help.

Here is what's in the smtp log in gwava
[2r7e4gg][2] FEB-07 15:24:18 TLS started for connection with xxx.xxx.xxx.xxx
[2r7e4gg][2] FEB-07 15:24:19 Auth Login for: (mylogin@domain)
[2r7e4gg][2] FEB-07 15:24:19 Connecting to (our groupwise server), for (our groupwise server)
[2r7e4gg][2] FEB-07 15:24:19 Connected to server (our groupwise server) on port 25
[2r7e4gg][2] FEB-07 15:24:20 Received 504 byte message (16 lines)
[2r4lmrg][1] FEB-07 15:24:21 GWAVA scan started from SMTP thread: [2r7e4gg]
[2r4lmrg][2] FEB-07 15:24:21 GWAVA reports message should be blocked
[2r7e4gg][2] FEB-07 15:24:21 Message was blocked: spf
[2r7e4gg][1] FEB-07 15:24:23 Socket is closed
[2r7e4gg][1] FEB-07 15:24:23 => Socket write error: socket unavailable
[2r7e4gg][1] FEB-07 15:24:23 <= Socket read error: socket unavailable
[2r7e4gg][2] FEB-07 15:24:23 Client disconnected from xxx.xxx.xxx.xxx

Mail client message.
An error occurred while sending mail. The mail server responded: Message was blocked by server (GWAVA blocked: spf, reference ID: str=0001.0A020207.5C5CA52E.0052,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0). Please check the message and try again.
  • mdemel,

    It appears that in the past few days you have not received a response to your
    posting. That concerns us, and has triggered this automated reply.

    These forums are peer-to-peer, best effort, volunteer run and that if your issue
    is urgent or not getting a response, you might try one of the following options:

    - Visit https://www.microfocus.com/support-and-services and search the knowledgebase and/or check
    all the other self support options and support programs available.
    - Open a service request: https://www.microfocus.com/support
    - You could also try posting your message again. Make sure it is posted in the
    correct newsgroup. (http://forums.microfocus.com)
    - You might consider hiring a local partner to assist you.

    Be sure to read the forum FAQ about what to expect in the way of responses:

    Sometimes this automatic posting will alert someone that can respond.

    If this is a reply to a duplicate posting or otherwise posted in error, please
    ignore and accept our apologies and rest assured we will issue a stern reprimand
    to our posting bot.

    Good luck!

    Your Micro Focus Forums Team

  • I ended up opening an SR and found out that there may be a bug in 6.5 that may be causing this problem but its no longer being supported so no fix and that SMG does not have the module to authentication yet (if I remember right) so it would not have mattered if I upgraded.:( I ended up opening a port and sending all my users direct to the GWIA. I also turned on forced authentication so that not just any Tom, *** or Harry could send mail to our GWIA.
    That is the only fix that I could come up with.
  • mdemel wrote:

    > I ended
    > up opening a port and sending all my users direct to the GWIA. I also
    > turned on forced authentication so that not just any Tom, *** or
    > Harry could send mail to our GWIA.

    If you have GWIA port 25 open to the world it *will* be found by
    hackers and spammers. Even if you have forced authentication it won't
    stop them from hammering away at your system trying various passwords
    for a way in.

    If your MX record(s) point to SMG you should open a unique high port
    for GWIA access for your users who need it or maybe setup your router
    to port forward a unique high port to GWIA at port 25.

    Kevin Boyle - Knowledge Partner
    If you find this post helpful and are logged into the web interface,
    please show your appreciation and click on the star below this post.
    Thank you.