Hello,
I am using exchange 2013 SP1 on a small 1 server setup with only 1 outgoing IP address. Since installing 2013 we have been getting spoofed emails from legitimate addresses in our domain. I created an SPF record last weekend with my ISP that has a hard fail "-all" in it to try to stop these. It seemed to be working ok, but just today I received a spam message where the return path was my email address eventhough the "smtp server id" IP address in the message properties was not mine. How can this happen? My spf record references my MX and A records as permitted senders and hard fail for anyone else.
Thanks,
Bjonwayne