Skip to main content

How to Tag Email That Fail SPF Checks Using Domain-Wide Mail Rules

An effective way to alert users to potentially suspicious messages is by tagging the subject line of emails that fail SPF checks.

Garrett Saundry avatar
Written by Garrett Saundry
Updated over a week ago

Step 1: Access Your Email Control Panel

  1. Log into your Webnames.ca account

  2. Click on the My Account> Email Accounts menu

  3. Click the domain name for which you want to add/edit email accounts.

  4. On the current Email tab, scroll down to the Actions section.

  5. Under Manage Domain Mail Rules, click the Manage button


Step 2: Create a New Mail Rule

  1. Click + New Rule

  2. Enter a Name for the rule

  3. Assign a Priority for the rule

  4. In the Conditions section:

    • Choose Header Field from the dropdown.

    • Set the Parameter to one of the following, based on your preference:

Criteria

Parameter

If SPF check fails:

X-Webnames: spf-fail

If SPF check soft fails:

X-Webnames: spf-softfail

If SPF check finds an invalid record:

X-Webnames: spf-invalid

If SPF check find no SPF record:

X-Webnames: no-spf-record

Example:


Step 3: Define the Action

  1. In the Actions section:

    • Choose Tag Subject.

    • Enter a prefix such as:

      [SPF FAIL]
    • This will prepend the tag to the subject line of any email that fails the SPF check.

Feel free to define a different action of your choosing. See the "Available Rule Actions" section of our complete Help Guide for more information.


Step 4: Save and Enable the Rule

  1. Click Apply to save and enabled the rule.


Why Use This Rule?

  • Security Awareness: Helps users quickly identify potentially spoofed or unauthenticated emails.

  • Domain-Wide Protection: Applies uniformly to all mailboxes under your domain.

  • Compliance and Best Practices: Supports your broader email security strategy alongside SPF, DKIM, and DMARC.


Additional Tips

  • Educate your users to treat [SPF FAIL] emails with caution.

  • Combine this rule with others (e.g., blocking or routing to a dedicated folder) for enhanced protection.

  • Regularly review your mail rules to adapt to evolving threats.

See our complete article on Domain-wide Mail Rules for more in depth information regarding all available rule conditions and actions.

Did this answer your question?