How to tell the internet than an IP is safe.
Hi Experts.
I am doing work for a manufacturer. They have email that is hosted by the ISP, so it is not in house.
I have a legacy system (AS400/iseries) that is in-house that I am sending emails out to vendors for Purchase orders. The system creates PDF's then creates the email and sends out. So it does not go thru the regular email system.
So, we have had some emails not get delivered and some bounce back. I have gone thru the option to tell Office 365 to whitelist the ip address we are sending from.
The question is, Can we tell the world that our IP is safe via DNS in some way? Otherwise, we are going to have to send emails to companies that we get kickbacks from and request that they white list us. Issue is small now, but I am getting ready to add customer service to emailing invoices, etc too and it is only going to get bigger.
I am doing work for a manufacturer. They have email that is hosted by the ISP, so it is not in house.
I have a legacy system (AS400/iseries) that is in-house that I am sending emails out to vendors for Purchase orders. The system creates PDF's then creates the email and sends out. So it does not go thru the regular email system.
So, we have had some emails not get delivered and some bounce back. I have gone thru the option to tell Office 365 to whitelist the ip address we are sending from.
The question is, Can we tell the world that our IP is safe via DNS in some way? Otherwise, we are going to have to send emails to companies that we get kickbacks from and request that they white list us. Issue is small now, but I am getting ready to add customer service to emailing invoices, etc too and it is only going to get bigger.
You can use HTTPS for your site. It is secure version of HTTP.
Read more details about this from Wiki-
https://en.wikipedia.org/wiki/HTTPS
Read more details about this from Wiki-
https://en.wikipedia.org/wiki/HTTPS
Some mail systems do a lookup on the IP address and see if it is associated with a DNS MX record associated with the domain. Some use SPF, as noted above. In both cases, they want to see that the IP address that is establishing an SMTP connection has something in DNS that they can use to verify that the IP is associated with the domain found in FROM addresses.
Best practice is to just forward all mail through the same mail server(s). The rest of the business forwards mail through the ISP, so, if possible, it would be best to just configure the iSeries to just do the same thing. Is there an in-house mail server (Exchange, for example), or does each user actually have a mailbox with the ISP?
(Mail isn't delivered over HTTPS, so HTTPS has nothing to do with this conversation.)
Best practice is to just forward all mail through the same mail server(s). The rest of the business forwards mail through the ISP, so, if possible, it would be best to just configure the iSeries to just do the same thing. Is there an in-house mail server (Exchange, for example), or does each user actually have a mailbox with the ISP?
(Mail isn't delivered over HTTPS, so HTTPS has nothing to do with this conversation.)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Use an existing Reply-To address on the companies mailserver, most of the time that will be enough
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I will work on the SPF creation and hopefully get it in place early next week.
Kevin
Kevin
Be sure to user the DMarician tool to verify your SPF records.
I've been setting up mail systems since the mid 1990s + I still check every step of my work, as producing high deliverability email requires many steps + each must be 100% correct, or all subsequent steps make no difference.
I've been setting up mail systems since the mid 1990s + I still check every step of my work, as producing high deliverability email requires many steps + each must be 100% correct, or all subsequent steps make no difference.
ASKER
Thanks so much for the recommendations. I need to work on this and get it live.
https://en.wikipedia.org/wiki/Sender_Policy_Framework