Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How do I add SPF support to my Exchange?

Status
Not open for further replies.
Sep 1, 2008
9
US
I have set up an SPF record for my client via network solutions. I've gone through all the steps outlined on msexchange.org. To summarize, I have:

-Set client up with SPF record using a " -all"
-Applied Intelligent Message Filter on SMTP virtual server
-Enabled and configured sender id filtering within exchange
-Set sender ID filtering to REJECT

However, with these settings, all incoming email is blocked. Nothing gets through. The sender gets an NDR saying that they do not have permission to send to the recipient. Is there something I need to tweak? Someone told me that Sender ID cannot be used on server 2003 because you cannot be sure whether the remote side has set it up correctly. Thanks in advance.
 
So what would the ideal setting be? Delete? I think when I set it to delete - I have the same problem where all email is blocked. Right now I have it to accept - this allows the email through but I don't know that any of the spoofed email is being caught.
 
Sender ID, and other similar technologies, should be used to develop a profile, or weight. As part of an overall hygiene solution, you can act on the ending weight. But I wouldn't block or delete based on just Sender ID as its limited implementation will result in the exact problem you've encountered.

Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.
 
I use SPF records and do a delete on fail only. So a domain with no record is fine, a domain with an SPF record that matches is fine and I only delete those emails where the source address doesn't match anything on the record.

Took 5 minutes to implement and has been working for years.
 
Does my setup look any different than yours? Are you using exchange 2003 as your filter as well?
 
Can anyone direct me to Step By Step instructions on how to setup this scenario. I'm looking in ESM and I do not see Intelligent Message Filter on the smtp server.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top