GoDaddy Advanced Email Security

Hi,

I believe there should be a separate source added for GoDaddy Advanced Email Security, which currently uses ProofPoint as their security vendor.

The reason I believe a new source should be added is because the DNS records for GoDaddy Advanced Email Security are both found in a different area of the website as well as completely different to both ProofPoint and GoDaddy’s regular services.

GoDaddys available documentation is also lacking clarity with many of their guides not providing the information and when they do it’s not clear enough.

At the same time ProofPoint as well lacks a warning/section alerting users that users of GoDaddy’s Advanced Email Security should use a different set of DNS records / find them via one of the options below:

Feedback has been provided to both GoDaddy & Proofpoint, GoDaddy have vowed to improve their documentation and Proofpoint have passed the feedback onto their support and marketing teams to see what they can do to clear this up.

How/Where do I find my GoDaddy Advanced Email Security settings:

CNAME    autodiscover    autodiscover.outlook.com

MX     @    0    mx1-usg1.ppe-hosted.com
MX     @    0    mx2-usg1.ppe-hosted.com
MX     @    0    mx2-usg1.ppe-hosted.com
TXT     @     "v=spf1 include:_spf-usg1.ppe-hosted.com include:secureserver.net ~all"

You could alternatively use: a:dispatch-usg1.ppe-hosted.com instead of include:_spf-usg1.ppe-hosted.com which will save you 1 SPF lookup

You could alternatively also use include:spf-0.secureserver.net instead of include:secureserver.net which again will save you one SPF lookup

Logically you could also probably use include:spf.protection.outlook.com instead of include:spf-0.secureserver.net OR include:secureserver.net because if you’re sending emails through Office365 with Advanced Email Security from GoDaddy then you shouldn’t need to be authorizing GoDaddys regular IPs… This would again save you another SPF lookup.

Bare in mind with these alternatives down the line there could be issues with sources not being whitelisted/authorized if they add extra lookups

Hopefully this information helps someone!