SPF and other questions
Hi!!I have several questions. 1 .- I have created the SPF record in DNS (v = spf1 ptr ip4: 83.x.x.x mx:exchange2003.domain.com ~ all), but my emails are internal address of my Exchange domain. I have checked and the relay is closed. The IMF is also set Checks and measures that can bring more to prevent this? 2 .- I suppose the mailboxes of users who have configured as POP3 and only have logued this protocol, the folder "junk mail" is not created. It is possible by creating a script for all users?. 3 .- Another Exchange server that I test, when I go to the properties of the SMTP, Delivery, Advanced, in the fully qualified domain name since I have the name of my server: exchange2003.domain.com. When I check the DNS says "The domain name is invalid." I have also put the internal name of the server but can not be wrong. It is normal?. The reverse pointer is created by my ISP.Thanks
May 6th, 2009 10:37pm
Any idea please?, Are killing me SPAM
Free Windows Admin Tool Kit Click here and download it now
May 7th, 2009 9:35pm
1. SPF Record must beadded at the entity in charge of your External DNS Records. Has this been completed? Have you tested it?2. Not sure what you are asking here?3. How exactly are you connected to the Interent? Do you have a Smarthost setup for your Exchange Server? I would also suggest running ExBPA to insure settings are correct. Reverse PTR can be tested at www.dnsstuff.com.Lastly, what are trying to accomplish here? I assumed you are trying enable IMF, setup your SPF and insure all your External DNS Records are correct?MVP Exchange Server
May 8th, 2009 4:14am
Hi John,1.- I have a TXT record (SPF) in external DNS running. I checked in http://www.vamsoft.com/spfcheck.asp, http://www.politemail.com/check-spf.aspxand http://www.kitterman.com/spf/validate.htmlv = spf1 ptr ip4: 83.x.x.x mx:exchange2003.domain.com ~ all2.- You can create folders of junk mail to all mailboxes with a script?3.- The Exchange 2003 is published through ISA 2006. It has only one internal IP. External DNS resolves properly, so when I notice that my concern to check the DNS in the SMTP tells me When I check the DNS says "The domain name is invalid." The PTR is OK in the DNS of my ISP and resulve www.dnsstuff.com correctly. That does not resolve the name? I am putting the external name published in the DNS: Server.mydomain.com. Also if I put the inmate, also fails: server.mydomain-internal.comthanks John
Free Windows Admin Tool Kit Click here and download it now
May 9th, 2009 12:39pm
Hi,
1. Regarding the first question, I would like to know whether you received spam email from your internal domain address and you would like to solve the issue by use Sender ID Filter. If I am off base, please let me know.
If I am right, I would like to explain that your SPF record is ~ all The ~ means Discouraged; mail may legitimately originate from IP addresses not identified above, however, use of such IP addresses is discouraged and may not be permitted in the future, the Sender ID filter status will be soft fail if the send mail server IP address is not listed in SPF record.
Instead, if you create a SPF record by selecting No; this domain sends mail only from the IP addresses identified above or -, the Sender ID filter status will be fail if the send mail server IP address is not listed in SPF record. Then, the message will be deleted or rejected based on your configuration.
2. I would like to explain that when the user receive first email, his mailbox is created including the Junk Email folder on the Exchange Server automatically. If you use POP3 client to receive messages, only messages in the Inbox are downloaded to the client. Please understand that the POP3 client such as Outlook, use local PST files to save the message instead of the mailbox on the Exchange server. Based on the test, the Junk Email Folder exists when I create POP3 account. Nevertheless, the Junk Email folder belongs to the local PST which has no relationship with the Junk Email folder on the mailbox on Exchange 2007.
3. I would like to explain that if the external mail server is able to resolve your external IP Address to the FQDN which you configured on the SMTP virtual server, I think that there is no problem. The error "The domain name is invalid just means that the FQDN configured on SMTP Virtual Server cannot be resolved to an IP Address.
Mike
May 11th, 2009 7:57am
I Moved SPF record"v = spf1 ptr ip4: x.y.z.w. mx: exchange2003.mydomain.com -all" but I am still coming so much spam that they are sent for me. an example:
***********************************************
Microsoft Mail Internet Headers Version 2.0Received: from ppp95-165-1-148.pppoe.spdop.ru ([95.165.1.148]) by exchange2003.mydomain.com with Microsoft SMTPSVC(6.0.3790.3959); Sat, 9 May 2009 20:57:50 +0200To: salvador@mydomain.comSubject: trabajo para "Aurora Consulting"From: salvador@mydomain.comMIME-Version: 1.0Importance: HighReturn-Path: salvador@mydomain.comMessage-ID: <MAIL30kkZIhTrBoe2U800000d87@correo.elderecho.com>X-OriginalArrivalTime: 09 May 2009 18:57:50.0999 (UTC) FILETIME=[0D36FA70:01C9D0D8]Date: 9 May 2009 20:57:50 +0200Versin de producto de X-TM-AS: SMEX-8.2.0.1164-5.600.1016-16632.001Resultado de X-TM-AS: Yes-27.989100-4.000000-31Remitente permitido de usuario de X-TM-AS: NoRemitente bloqueado de usuario de X-TM-AS: No
***********************************************
Microsoft Mail Internet Headers Version 2.0Received: from advdim.com ([211.216.30.100] RDNS failed) by exchange2003.mydomain.com with Microsoft SMTPSVC(6.0.3790.3959); Sun, 10 May 2009 07:21:29 +0200To: salvador@mydomain.comSubject: trabajo con ocupacion parcialFrom: salvador@mydomain.comMIME-Version: 1.0Importance: HighContent-Type: text/htmlReturn-Path: salvador@mydomain.comMessage-ID: <MAILd9QkTDi0qmvcMU10000144a@correo.elderecho.com>X-OriginalArrivalTime: 10 May 2009 05:21:30.0624 (UTC) FILETIME=[2D0CA000:01C9D12F]Date: 10 May 2009 07:21:30 +0200Versin de producto de X-TM-AS: SMEX-8.2.0.1164-5.600.1016-16632.004Resultado de X-TM-AS: Yes-62.100200-4.000000-31Remitente permitido de usuario de X-TM-AS: NoRemitente bloqueado de usuario de X-TM-AS: No
***********************************************
Free Windows Admin Tool Kit Click here and download it now
May 11th, 2009 10:09pm
Hi,
1. I suggest you double check that the Exchange Server is configured to delete or reject the message when Send ID filter check failed.
2. I suggest you refer to following article to check whether the spam message which you received is set as Send ID filter fail:
Sender ID
http://msexchangeteam.com/archive/2005/10/13/412487.aspx
To better understand the Send ID filter in Exchange 2003 Service Pack 2:
http://www.redline-software.com/eng/support/articles/msexchange/2003/configuring-and-enabling-sender-id-filtering-in-exchange-2003-sp2.php
Mike
May 12th, 2009 10:23am