Solved

A Few Exchange emails bouncing - SPF Records listed as reason?

Posted on 2013-01-15
6
1,236 Views
Last Modified: 2013-03-03
Hello,

We have Exchange 2010 setup for mutliple tenants and a few of them are reporting this error when sending out emails to a few domains. However, 99% of email is going through with no kick backs. Any recommendations?

_______________________________________________________________________________


dsmdc-mail-imta-02 rejected your message to the following e-mail addresses:

Cust First And Last Name(customer@mchsi.com) (customer@mchsi.com)


dsmdc-mail-imta-02 gave this error:
<customer@domain.com> Invalid SPF record please see http://www.openspf.org - POL007


This message was rejected by the recipient e-mail system. Please check the recipient's e-mail address and try resending this message, or contact the recipient directly.

Diagnostic information for administrators:

Generating server: UPEXSVR01.domain.local

customer@mchsi.com
dsmdc-mail-imta-02 #550 5.1.0 <customer@email.com> Invalid SPF record please see http://www.openspf.org - POL007 ##

Original message headers:

Received: from UPEXSVR01.domain.local ([fe80::c0b3:72a:1f6c:4e6f]) by
 UPEXSVR01.domain.local ([fe80::c0b3:72a:1f6c:4e6f%11]) with mapi id
 14.02.0328.009; Tue, 15 Jan 2013 08:15:56 -0600
From: Cust First And Last Name<customer@domain.com>
To: "Cust First And Last Name(customer@mchsi.com)" <customer@mchsi.com>
Subject: test sending from customer1 to mediacom
Thread-Topic: test sending from customer1 to mediacom
Thread-Index: Ac3zKtrFxsJlwDQwSDWV6CeUKvbALQ==
Date: Tue, 15 Jan 2013 14:15:54 +0000
Message-ID: <E7BB29BF7867C6448048E7EC6CB6E4A36E129D@UPEXSVR01.99.domain.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [173.23.51.89]
Content-Type: multipart/alternative;
      boundary="_000_E7BB29BF7867C6448048E7EC6CB6E4A36E129DUPEXSVR01999domain_"
MIME-Version: 1.0
0
Comment
Question by:Pcbydesignllc
  • 3
  • 2
6 Comments
 
LVL 19

Expert Comment

by:R--R
ID: 38778924
There are some domains which checks the SPF record. Do you have a SPF record for your domain?
0
 

Author Comment

by:Pcbydesignllc
ID: 38778942
No, these customers do not. Would we need it on the main Exchange Server domain, or the customers domains?

Thanks
0
 
LVL 19

Expert Comment

by:R--R
ID: 38779006
You are getting this while sending or receiving mails?
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:Pcbydesignllc
ID: 38779020
I'm not, and I'm on the same domain sending to mchsi.com. Two different client's are though, who are also on our Hosted Exchange Server
0
 

Author Comment

by:Pcbydesignllc
ID: 38779023
Sending -
0
 
LVL 25

Accepted Solution

by:
DrDave242 earned 500 total points
ID: 38794009
No, these customers do not. Would we need it on the main Exchange Server domain, or the customers domains?
An SPF record is needed for the sending domain (the domain that the mail is originating from, not the domain it's going to).  The function of SPF is to define what servers are allowed to send mail from a particular domain.  The website mentioned in the error (http://www.openspf.org/) has very good information on what SPF is and how it works, but there's a lot of info there, so you may not want (or have time) to wade through it all.

Several websites have wizards you can use to generate an SPF record for a domain (the Microsoft one is here, for example).  Note that the records generated by these wizards are often more complex than they need to be, but they'll get the job done.  If you'd rather create the record manually, I can help with that, but I will need some information about the sending domain and what mail servers are authorized to send mail from it.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now