?
Solved

Mail spf record

Posted on 2011-10-21
9
Medium Priority
?
421 Views
Last Modified: 2012-05-12
How should i correct the atkasgozetim.com server's spf records. it return some errors like

atlasgozetim.com        nameserver = ns4.salay.com.tr
atlasgozetim.com        nameserver = ns1.moviegy.com
atlasgozetim.com        nameserver = ns2.moviegy.com
atlasgozetim.com        nameserver = ns3.salay.com.tr
atlasgozetim.com        text =
 
        "v=spf1 +a +mx -all"
 
ns4.salay.com.tr        internet address = 77.223.156.5
ns3.salay.com.tr        internet address = 77.223.156.4


smtp-20111020-10.log:            20111020 08      :50:44 ---------------- SPF MAIL FROM  check failed (Fail) - message rejected (550), (domain=atlasgozetim.com), (address=77.223.156.17), (user=atlas@atlasgozetim.com)
smtp-20111020-10.log:            20111020 08      :54:02 ---------------- SPF MAIL FROM  check failed (Fail) - message rejected (550), (domain=atlasgozetim.com), (address=77.223.156.17), (user=atlas@atlasgozetim.com)
smtp-20111020-11.log:            20111020 09      :05:49 ---------------- SPF MAIL FROM  check failed (Fail) - message rejected (550), (domain=atlasgozetim.com), (address=77.223.156.17), (user=atlas@atlasgozetim.com)
0
Comment
Question by:3XLcom
  • 4
  • 3
  • 2
9 Comments
 
LVL 11

Accepted Solution

by:
John Easton earned 1000 total points
ID: 37005301
Looking at the error message the e-mail is originating from address 77.223.156.17.  However, the SPF record only allows message to come from the server reference in the 'A' record (probably your ISP's web server, or the servers in your 'MX' record (likely to be your ISP's mail server).

I assume you are therefore sending the message directly from your own mail server.  If this is the case there is a couple of ways to fix this problem.

1. Change the '-all' to '?all' which will tell server mail could come from anywhere.  Some server may still reject this however.

2. Add your mail server to the SPF.  For example "v=spf1 a mx ip4:77.223.156.17 -all"  You can use the tool at Microsoft to customise this if you want:  http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/default.aspx

Hope this helps
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 37007374
Adding on to what JEaston said,

All you need in your SPF record is the IP(s) of your sending server(s).

If 77.223.156.17 is your only sending IP, then the SPF record should be
"v=spf1 a mx ip4:77.223.156.17 -all"

Open in new window


There is no need to add the "a" or "mx" mechanisms, as they both resolve to the same IP, and that IP is apparently not your sending server.
[root@broken ~]# dig atlasgozetim.com +short
77.223.156.4
[root@broken ~]# dig mx atlasgozetim.com +short
10 mail.atlasgozetim.com.
[root@broken ~]# dig mail.atlasgozetim.com +short
77.223.156.4

Open in new window

0
 

Author Comment

by:3XLcom
ID: 37037736
i got my mind get complicated


actually this server is under my salay.com.tr domain and ns3.salay.com.tr and ns4.salay.com.tr points this domain .

but i am not sure how they get my
mail.salay.com.tr server's ip adress for spf check.

and i should not understand how to resolve this issue ?
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 11

Expert Comment

by:John Easton
ID: 37037978
None of the domains you have listed appear to resolve to the IP address in your original post (77.223.156.17).  It might be that this server forwards mail to another server which then actually delivers it.  This is likely to be the case if you are generating the e-mails from a website and the mail server is seperate.

Have you tried either the SPF record Papertrip or I suggested.  Did it work or have you got a new error message?
0
 

Author Comment

by:3XLcom
ID: 37038299
no there is nothing like this the server sending email directly ,


one of my customer got this email from their client and i suprised the only way of 77.223.156.17  is mail.salay.com.tr but there is no connection on dns lines of the server of atlasgozetim.com.


the server's reverse adress is lin.salay.com.tr maybe their mail server is looking for salay.com.tr for mail relay and see this ip :S i do not know but they send me this for information :



Messages sent from @atlasgozetim.com are being rejected as a result of SPF MAIL FROM check failure. Please find our logs below.
 
smtp-20111020-10.log:            20111020 08      :50:44 ---------------- SPF MAIL FROM  check failed (Fail) - message rejected (550), (domain=atlasgozetim.com), (address=77.223.156.17), (user=atlas@atlasgozetim.com)
smtp-20111020-10.log:            20111020 08      :54:02 ---------------- SPF MAIL FROM  check failed (Fail) - message rejected (550), (domain=atlasgozetim.com), (address=77.223.156.17), (user=atlas@atlasgozetim.com)
smtp-20111020-11.log:            20111020 09      :05:49 ---------------- SPF MAIL FROM  check failed (Fail) - message rejected (550), (domain=atlasgozetim.com), (address=77.223.156.17), (user=atlas@atlasgozetim.com)
The domain @atlasgozetim.com has the following SPF record.
 
atlasgozetim.com        text = "v=spf1 +a +mx -all"
However, the messages are being relayed via an unauthorized IP address (77.223.156.17).
 
Could you please inform the responsible admins about this.
 
I trust to have informed you well on this issue.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 37038326
Change the SPF record as suggested.
0
 

Author Comment

by:3XLcom
ID: 37038544
Should you please check if i do the right i have updated dns records and restart the services
0
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 1000 total points
ID: 37038587
[papertrip@broken ~]$ dig txt atlasgozetim.com +short
"v=spf1 a mx ip4:77.223.156.17 -all"

Open in new window


Technically that is correct, but remove the "a" and "mx" mechanisms as they are unnecessary if you aren't ending from 77.223.156.4 and will only cause additional DNS lookups to be made for each SPF check.
0
 

Author Closing Comment

by:3XLcom
ID: 37048741
Thnx issue resolved
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Eseutil Hard Recovery is part of exchange tool and ensures Exchange mailbox data recovery when mailbox gets corrupt due to some problem on Exchange server.
Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question