How do I set up Sender Pollicy Framework ( SPF) for email domains hosted on Microsoft Exchange 2016 ?
Hi,
My customer has several different email domains hosted on an in-house Microsoft Exchange 2016 server.
How do I set up Sender Policy Framework (SPF) for these domains ?
Note:
- Exchange is 2016CU16 on Windows 2012 Server
- The domains DNS zones are hosted with several different registrars
My customer has several different email domains hosted on an in-house Microsoft Exchange 2016 server.
How do I set up Sender Policy Framework (SPF) for these domains ?
Note:
- Exchange is 2016CU16 on Windows 2012 Server
- The domains DNS zones are hosted with several different registrars
Last Comment
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
If you're using in-house MTAs, then your SPF record in your DNS zone file will have ipv4:X.X.X.X entries.
Here's an example zone file snippet describing an SPF record authorizing various sending IPs...
For in-house MTAs, you'll likely use ipv4 nomenclature or create your own SPF include block.
Here's an example zone file snippet describing an SPF record authorizing various sending IPs...
@ IN TXT ("v=spf1"
" ip4:136.49.241.94" ; GoogleFiber residential connection
" ip4:198.27.112.72/30" ; net14 IP block - catcher + smtp[1234]
" include:mailgun.org" ; Mailgun Published Netblock
" -all")
For in-house MTAs, you'll likely use ipv4 nomenclature or create your own SPF include block.
ASKER
@David Favor I'm confused. Why do I have to use IP addresses rather than the host names I had in my SPF record ? I actually used the wizard to generate this !
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
I have recommended this question be closed as follows:
Split:
-- 'Udara Peiris' (https:#a43082549)
-- 'David Favor' (https:#a43082573)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
seth2740
Experts-Exchange Cleanup Volunteer
I have recommended this question be closed as follows:
Split:
-- 'Udara Peiris' (https:#a43082549)
-- 'David Favor' (https:#a43082573)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
seth2740
Experts-Exchange Cleanup Volunteer
Exchange
Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.
213K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
ASKER
"v=spf1 mx a a:in.hes.trendmicro.com a:mail.mydomain.com a:mail.internode.on.net a:mailgun.org include:mailgun.org -all"
Servers that could be validly sending emails from @mydomain.com
in.hes.trendmicro.com (Trend Micro Hosted Email Security (HES) inbound anti-virus mail server (scans all incoming email)
mail.mydomain.com (my on-premise Microsoft Exchange server)
mail.internode.on.net (my ISP – for some on premise hardware devices that generate SMTP notification emails)
mailgun.org (for email generated from my externally hosted web site)
However when I test on :
https://mxtoolbox.com/SuperTool.aspx
using the MX Record lookups
It says SPF is now correctly setup BUT :
How do I setup DMARC as well ?