Re: SPF
- From: v-natliu@xxxxxxxxxxxxxxxxxxxx ("Nathan Liu [MSFT]")
- Date: Thu, 08 Dec 2005 01:04:28 GMT
Hi Claus,
Thanks for your quick update.
>> This is exactly the area I would like to get clarified. ¡°Transient
error SUCH as unavailable DNS server¡±. Given that this is an SBS2003 box,
the DNS runs on the same server as the Exchange. So how could it be
unavailable? Also, the wording of ¡°such as¡± indicates other
possibilities. What are they?
Please kindly note we perform SPF record look up on public (ISP) DNS Server
(You register the nova-tech.org Domain Name in this ISP DNS Server), not
the SBS DNS Server. When we enable the Sender ID on the Exchange Server,
and a external Sender sends email to the Exchange Server, Exchange Server
will query Internet DNS for SenderID/SPF records for the incoming e-mail
message and then, depending on the result of that check, take appropriate
actions on that message.
>> Below is the header of one of those emails. As you can see the email
claims to come from Nova-Tech.org but the IP address doesn't match the SPF
record in the DNS. That would indicate to me that the Exchange server
should discard the message. Instead I get the Transient error.
1) Based on my test, we cannot found the nova-tech.org domain's SPF
record, please help me double-confirm it, to do so, please perform the
following steps:
a. Open this http://www.seoconsultants.com/tools/spf/ link,
b. Enter the Email Address or Domain or SPF String, for example,
nova-tech.org
c. Enter the IP Address Email is Coming From, for example,
203.184.138.131, click Lookup
d. The result of SPF lookup is NONE.
(None - No SPF record was found. It cannot be determined if the IP is
allowed to send E-mail from this domain. )
2) Please kindly re-check the "Sender ID Framework SPF Record Wizard" in
this link:
http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/
default.aspx
Step 1: Identify Your Domain: nova-tech.org
Step 2: Display Published DNS Records: No SPF Record Found. A and MX
records Available.
Step 3: Create SPF Record: Input appropriate information and specify one
option for "Does nova-tech.org send e-mail from any IP addresses that are
not identified in the above sections?"
Step 4: Generate SPF Record: Please paste the generated SPF record in a
notepad or word document and provide it to your ISP to insert into your DNS
record. (After some days, your SPF record will be published to entire
Internet DNS Server for query)
Note: Please kindly note that Sender ID is an e-mail industry initiative
championed by Microsoft and other industry leaders as a technical solution
to help counter spoofing¡ªthe No. 1 deceptive practice used by spammers. It
is a new feature and in the popularization step.
I appreciate your time and cooperation. Please do not hesitate to let me
know if you have any further concerns, I am looking forward to hearing from
you.
Have a nice day!
Best regards,
Nathan Liu (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
.
- Follow-Ups:
- Re: SPF
- From: "Nathan Liu [MSFT]"
- Re: SPF
- References:
- Prev by Date: VPN Security...
- Next by Date: Trend Micro problems
- Previous by thread: Re: SPF
- Next by thread: Re: SPF
- Index(es):
Relevant Pages
|
