Relay Server Security Changes
Incident Report for Zix | AppRiver
Resolved
This incident has been resolved.
Posted Feb 06, 2023 - 15:04 CST
Update
We have updated our plan of roll out to be March 8th at 9 AM CST.
Posted Mar 07, 2022 - 13:01 CST
Monitoring

As a security update to help combat spoofing and unauthorized email, we are making improvements to our Relay Server (relay.appriver.com) on March 1st, 2022. This server was mainly used for alerting or scan to email systems.


The security update will be an SPF record validation on incoming connections to our relay server. The SPF record check will verify the sending IP address is listed in the domain's SPF record. We understand this improvement will require many customers to add their sending IP address to their SPF record. The Set Up a SPF Record for AppRiver Hosted Services article provides more information on setting up an SPF record for Zix|Appriver services. An example of an valid SPF record is below.


Example: "v=spf1 include:edgepilot.com ip4:1.2.3.4 ∼all"


For O365 customers, you will need to use one of the options described in the How to set up a device or application to send using M365 article as O365 is not permitted to use the relay server and can lead to being blocked.
Posted Feb 16, 2022 - 13:25 CST
Update
We have reverted the SPF security update for now. We are planning on implementing this in a future security update to our relay server. We recommend anyone using our relay server to update their SPF to include the IP of the application/software to avoid future issues.
Posted Feb 03, 2022 - 11:24 CST
Update
We have scheduled this change to go into effect Feb 1st, 2022 (Tuesday). Please ensure your SPF records are correctly listing your IP's you will connect from to ensure no issues with use of our Relay Server.
Posted Jan 26, 2022 - 11:50 CST
Update
We are updating our security settings for our Relay Server which is normally used for scan-to-email systems. We are implementing an SPF check on incoming connections to ensure the sender of the email is validity listed in their SPF records. Any customer using relay will need to follow the guide below and update their SPF to include their sending IP in their SPF. This will be in the format of "v=sp1 ip4:1.2.3.4 -all" as an example. The below article will go over this as well. If you have any questions please reach out to support via ticket to support@appriver.com


SPF Update
Posted Jan 24, 2022 - 08:48 CST
Identified
We are updating our security settings for our Relay Server which is normally used for scan-to-email systems. We are implementing an SPF check on incoming connections to ensure the sender of the email is validity listed in their SPF records. Any customer using relay will need to follow the guide below and update their SPF to include their sending IP in their SPF. This will be in the format of "v=spf1 include:edgepilot.com ip4:1.2.3.4 -all" as an example. The below article will go over this as well. If you have any questions please reach out to support via ticket to support@appriver.com


SPF Update
Posted Jan 24, 2022 - 08:47 CST
This incident affected: Threat Protection (Email Threat Protection).
Current Status Powered by Atlassian Statuspage