Do I put an SPF record on my exchange server's DNS or with my host's DNS records?
I'm starting to get a lot of spoof and spam email through our ForeFront Filter. I'm pretty new as an exchange admin but I'm all we have...my research shows that I would bennifit from an SPF record and I've found a few wizards to create them.
Can someone recommend the best way to get one created properly and tell me how to install it? Does it go on my exchange server or with my host records? Maybe something I do via my ISP?
Thanks for the help!
Can someone recommend the best way to get one created properly and tell me how to install it? Does it go on my exchange server or with my host records? Maybe something I do via my ISP?
Thanks for the help!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You are welcome. Shout if you need any more help.
I'll just take a look at your other question and if I can't help, I'll see if I can find someone who can.
BRB.
Alan
I'll just take a look at your other question and if I can't help, I'll see if I can find someone who can.
BRB.
Alan
ASKER
I had to take a phone call...just seeing your response....thank you, thank you, thank you! I'm going to look at my other post and see if anything's happened there. Thanks again.
My pleasure. Fingers crossed I'll get you all sorted asap.
Alan
Alan
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Okay, I'm hosted by iPage and was using their mail service for a trial period and using IMAP for all my users.
The 66.96.128.0/18 addresses are from the iPage mail service which we are no longer using.
Currently, we only send from our domain with our own server....should I just copy and paste your first SPF record to my host DNS profile or should I use the link to have MS create one for me as you suggested earlier?
The 66.96.128.0/18 addresses are from the iPage mail service which we are no longer using.
Currently, we only send from our domain with our own server....should I just copy and paste your first SPF record to my host DNS profile or should I use the link to have MS create one for me as you suggested earlier?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks....and I assume that I remove the old one (v=spf1 ip4:66.96.128.0/18 ?all) , this new one is NOT in addition to it, correct?
Correct - remove the current one and add the new one or overwrite the current one with the new one.
ASKER
It's done....if you care to spend the time...could you please explain what that does for me? What that record means?
Is there anything more I can do on my local server, besides filtering with Forefront, that will help with the spoof and spam?
Is there anything more I can do on my local server, besides filtering with Forefront, that will help with the spoof and spam?
Sure - it basically tells the world that the only mail servers permitted to send mail on behalf of your domain are the same as your inbound mail servers. If anything else tries to send mail claiming to be your domain, treat it as a spammer and reject it.
SPF is a tool to help you protect your domain so that when you send emails out - the receiving end can verify you are who you say you are and it should reduce (not eliminate - not everyone checks for an SPF record) the amount of mail being sent out pretending to come from your domain (spoofed mail).
In terms of tweaking anything local - it really depends on what you currently have configured as to what you may may not need to do to reduce spam. Personally I don't use / like Forefront, (I prefer Vamsoft ORF Fusion because it can be easily configured, it does a damn good job and it is well priced - Looking through the logs and sorting is also very easy), so I can't recommend the best practise ways to reduce mail specifically, but using some good IP Blacklists such as the Barracuda Block List would be helpful if you aren't already using an IP Address Blacklist.
SPF is a tool to help you protect your domain so that when you send emails out - the receiving end can verify you are who you say you are and it should reduce (not eliminate - not everyone checks for an SPF record) the amount of mail being sent out pretending to come from your domain (spoofed mail).
In terms of tweaking anything local - it really depends on what you currently have configured as to what you may may not need to do to reduce spam. Personally I don't use / like Forefront, (I prefer Vamsoft ORF Fusion because it can be easily configured, it does a damn good job and it is well priced - Looking through the logs and sorting is also very easy), so I can't recommend the best practise ways to reduce mail specifically, but using some good IP Blacklists such as the Barracuda Block List would be helpful if you aren't already using an IP Address Blacklist.
ASKER
Thanks....I appreciate all the help....I really, really do!
I'm using Forefront because I already had a copy of it on hand. I'm not sure how good/bad or user friendly it is compared to other products because I'm super new to the exchange environment (completely self taught) and I have no experience with any other products. I'm going to look at the product you mentioned.
I set FF up just as it comes right out of the box and subscribed to all the filters it comes with in it's stock form. Is there some way to subscribe to additional filters like the Barracuda Block List, if it isn't there by default already?
Is it appropriate to be discussing this here or am I too far off on a tangent from the OP Question?
Lastly, is it recommended that I mark this "answered" and award points now that I've updated my SPF record according to your recommend or should I wait for positive results and return in a few days to close this post?
I'm using Forefront because I already had a copy of it on hand. I'm not sure how good/bad or user friendly it is compared to other products because I'm super new to the exchange environment (completely self taught) and I have no experience with any other products. I'm going to look at the product you mentioned.
I set FF up just as it comes right out of the box and subscribed to all the filters it comes with in it's stock form. Is there some way to subscribe to additional filters like the Barracuda Block List, if it isn't there by default already?
Is it appropriate to be discussing this here or am I too far off on a tangent from the OP Question?
Lastly, is it recommended that I mark this "answered" and award points now that I've updated my SPF record according to your recommend or should I wait for positive results and return in a few days to close this post?
I don't know it well enough to comment as I've never used it in anger. I have used the built-in Exchange tools for a few months, but that was not a good experience.
Technically you should stick to the topic of the question on EE otherwise the question can get very diluted and it doesn't help anyone much in the years to come when they search and find a question about one thing and it then veers off on a tangent.
My recommendation on awarding points is to only award them as and when you feel you have had the question answered and if relevant, verified that the advice you have been given is good advice. Some 'Experts' (I use the term loosely) try to encourage you to award points for just turning up and linking you to something they googled - don't be railroaded into closing a question down by them until you are 100% happy.
Alan
Technically you should stick to the topic of the question on EE otherwise the question can get very diluted and it doesn't help anyone much in the years to come when they search and find a question about one thing and it then veers off on a tangent.
My recommendation on awarding points is to only award them as and when you feel you have had the question answered and if relevant, verified that the advice you have been given is good advice. Some 'Experts' (I use the term loosely) try to encourage you to award points for just turning up and linking you to something they googled - don't be railroaded into closing a question down by them until you are 100% happy.
Alan
ASKER
Thank you for the help...I'm very happy with the solution here....I asked in my post if the SPF installs locally or with my host DNS info....you answered that and went above and beyond to help me with creating one and getting it working. Having positive results on my MX environment isn't really related so I'm going to close the post. I look forward to your help on my other current and future posts. Thanks again.
Perfect - happy to have helped. See you in the future!!
Alan
Alan
ASKER
I'm brand new here after finally listening to a tech buddy of mine that has said great things about this site for years.
I'm having a big problem on my network now. I just registered this morning and posted a harder question about 3 hours ago and haven't seen a single comment yet...any chance you could look at it for me or recommend a way to get eyes on it?