Solved

How to tell if Exchange Server 2007 is checking the SPF record

Posted on 2014-07-23
9
87 Views
Last Modified: 2015-10-28
A sender is trying to reach my client. The sender gets a "delivery has been delayed" bounce, and the email never arrives.

The only shortcoming I can find on both the sender's and the recipient's mail servers (according to Microsoft's test wizard) is that the sender's domain has no SPF record.

How can I tell if the recipient's Exchange Server 2007 is not allowing the email to deliver because of lack of SPF record?

Thanks.
Dave
0
Comment
Question by:DaveWWW
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 26

Expert Comment

by:DrDave242
ID: 40215615
Do you have an Edge Transport server? If so, it is likely checking the sender's SPF record, as Sender ID checking is enabled by default on Edge Transport servers. However, it is not enabled by default on Hub Transport servers, so if you have no Edge Transport server in your environment (which is the case if you only have a single Exchange server), there's a good chance you're not checking SPF records.

See this article for general information on Sender ID in Exchange 2007, and this article for information on enabling Sender ID checking on a Hub Transport server.
0
 
LVL 11

Expert Comment

by:NetoMeter Screencasts
ID: 40224051
I don't believe that the lack of an SPF record is the reason for this problem.

Actually, if the "delivery has been delayed" message is sent from the remote sender's domain postmaster - ex. "postmaster@remotesenderdomain.com", then it is quite possible the message is stuck in the queue of the remote email server. Checking the queue or using message tracking will show where exactly the message gets stuck.
0
 

Author Comment

by:DaveWWW
ID: 40224551
Thanks, and yes, I had checked the recipient's Exchange Server logs, and there are no search results for the senders domain at all anywhere that I can see.  I'll send a message to the sender's IT folks.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 10

Expert Comment

by:santhoshu
ID: 41028244
Hello there,

Can you let us know from which domain is the Delay Notification Email generated?

From: postmaster@xxx.com

If you notice the Delay Notification Email was generated on your organization server, this means the email has reached your server but delay delivering to another Servers.
 
In that case, we firstly need to check the email stuck on which server (which server generates the Delay  message).
 
Then, calculate the mail route and get the next hop server.
 
At last, check why there is an delay to send to the next hop server:
 
1.    Check DNS setting
2.    Ping the next hop server from the server which the email stuck on.
3.    Telnet to the next hop server from the server which the email stuck on and attempt send an email manually
4.    Check the SMTP log on the server which the email stuck on for more information
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 41028258
It is very unlikely that a lack of SPF would cause message-flow problems.  An incorrect SPF record might, but not a lack of.  More likely is a lack of Reverse DNS record (PTR).

Can the sender test the connection using telnet to see if there are any tell-tale messages from the Exchange 2007 server as that usually can help identify the problem very quickly.

https://support.microsoft.com/en-us/kb/153119

Example:
Telnet mail.exchange2007serverdomain.com 25
ehlo sendingdomain.com
mail from: sender@senderdomain.com
rcpt to: recipient@exchange2007domain.com

Then see if they get an error message and ask them what it is.

Alan
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 41028631
I would also agree with Alan that it is likely a Reverse PTR record casuing the issue. Reverse Record is a minimum requirement for sending email over the internet. If you do not have this set properly you will get flagged as a spammer very quickly.

Reverse Record needs to be setup by the ISP of the domain hosting Exchange.

Will.
0
 

Accepted Solution

by:
DaveWWW earned 0 total points
ID: 41096106
Sorry, I am going to have to abandon this question, as it is very stale, and the problem has not recurred.
0
 

Author Closing Comment

by:DaveWWW
ID: 41133626
Question is completely stale now, and the problem did not recur.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This video discusses moving either the default database or any database to a new volume.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question