asked on Why this spf error for my MS Exchange onprem server?
This is using MS Exchange in hybrid configuration. Some mailboxes are located in onprem while others on ms office365. We only configure spf - "v=spf1 include:spf.protection.outlook.com ?all".
Recently, we change the outgoing mails from onprem to be send directly from the onprem exchange server. We configured the mx record for the onprem exchange server. A user intend to send to recipient got the following spf error.
More Info for Email Admins |
| Status code: 550 5.7.23 This error occurs when Sender Policy Framework (SPF) validation for the sender's domain fails. If you're the sender's email admin, make sure the SPF records for your domain at your domain registrar are set up correctly. Office 365 supports only one SPF record (a TXT record that defines SPF) for your domain. Include the following domain name: spf.protection.outlook.com. If you have a hybrid configuration (some mailboxes in the cloud, and some mailboxes on premises) or if you're an Exchange Online Protection standalone customer, add the outbound IP address of your on-premises servers to the TXT record. For more information and instructions about configuring SPF records see Customize an SPF record to validate outbound mail sent from your domain and also External Domain Name System records for Office 365. |
| Original Message Details |
What shall we do with the spf error? shall we configure this spf record for onprem exchange server? is this possible?
Thanks,
ExchangeMicrosoft 365* SPF Records
Last Comment
David Favor
To answer your question requires the domain through which you're sending for testing.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Hi David,
No, I can't provide any domain (test) for testing.
Hi Mal Osborne,
I will update the spf records tomorrow
No, I can't provide any domain (test) for testing.
Hi Mal Osborne,
I will update the spf records tomorrow
ASKER
Thanks for both experts. It works
Note: If this fails to fix your problem in the future there are 2x new 550 returns from at least Google where the returned error messages are super bogus.
Bogus SMTP response formats...
1) Unauthenticated email from $your-domain is not accepted due to $various-reasons...
2) Message not accepted for policy reasons. See https://$your-domain...
If you see either of these message, open a new question about the exact/full SMTP responses + I'll post the fixes.
You may have to DM me + drop your question URL, as sometimes EE fails to present all questions to all users.
Bogus SMTP response formats...
1) Unauthenticated email from $your-domain is not accepted due to $various-reasons...
2) Message not accepted for policy reasons. See https://$your-domain...
If you see either of these message, open a new question about the exact/full SMTP responses + I'll post the fixes.
You may have to DM me + drop your question URL, as sometimes EE fails to present all questions to all users.