- Plesk for Linux
Analyzing an email header sent from plesk with MXToolbox or similar shown the following error on the report:
PLESK_ERROR: SPF Authentication : SPF Failed for IP - 127.0.0.1
The email was sent from Plesk using webmail.
Full header does show the Plesk Server IP on the first
CONFIG_TEXT: Received: from plesk-hostname.example.com(unknown [203.0.113.2])
Same header reports a correct SPF result of
CONFIG_TEXT: Authentication-Results server.hostname.plesk; spf=pass (sender IP is 127.0.0.1) firstname.lastname@example.org smtp.helo=plesk-hostname.example.com
Received-SPF pass (plesk-hostname.example.com: localhost is always allowed.) client-ip=127.0.0.1; email@example.com; helo=plesk-hostname.example.com;
This is expected for emails sent from the webmail, 127.0.0.1 is added to the email headers. While sending email from email client will show the client IP instead. Additionally, if Plesk Email Security is installed, Amavis service may add the localhost when it scans the email passed from Postfix.
The SPF result is
pass so no actions are required. localhost IP failed message can be safely ignored.
As an alternative, in case this does cause issues with delivery to some mail servers with more strict security settings, postfix sender IP information can be hidden or altered via
header_checks by using the workaround in this article: