Smartsheet SPF failure since November, coming from Sendgrid

Moam
Moam ✭✭
edited 11/22/23 in Smartsheet Basics

We've been getting problems receiving emails from SmartSheet since start of November – failing SPF checks as the IP of Sendgrid is not within their spf record. Looks like emails prior to November were being sent out via Mimecast which is in the SPF record.

For security reasons we’re not adding the domains into the allow list.

Is there a chance someone from Sendgrid can review their SPF record?

I’ve tried to contact support multiple times about this but they’re stuck reading from a script and are just focusing on advising me to add the domains to the allow list rather than fixing the root cause.

Emails are coming from ‘[email protected]

Thank you.

Answers

  • Genevieve P.
    Genevieve P. Employee Admin

    Hi @Moam

    The email address you noted is not one that's associated with Smartsheet app alerts from sheets, etc. That email is specific to Invoice alerts from the Finance team.

    I, too, would suggest the same resolution: adding the Smartsheet domains to the allow list. Here's the Help Article: All email appears to be blocked

    Cheers,

    Genevieve

  • Moam
    Moam ✭✭

    Hi Genevieve, thank you for replying,

    Would you know who deals with the SPF records for smartsheet? It looks like they need to be edited so that it includes 'sendgrid' then the emails won't be caught up in spam.

    Someone internally that handles the IT for Smartsheet should be able to make this change as this is going to impact all outbound emails from Smartsheet that are sent out using Sendgrid. (Someone would have been in charge

    in making the switch over from sending emails out of Mimecast to Sendgrid and will know this has happened)

    We won’t be adding any domains to the allow list as this puts the ownness on the recipient, and potentially allowing spam / malicious emails to pass through our spam filter. Whereas if the IT team for Sendgrid were to review and add sendgrid to their SPF record, the emails would no longer get flagged for failure on the recipient side confirming they are legitimate emails.

    Many thanks!