[Hidden-tech] Outlook Error Message
Michael Muller
tech at montaguewebworks.com
Thu May 28 18:25:26 UTC 2020
Another thought I had was whether you were using the approved email
server for your domain.
I had a case in the past where one client would be unable to receive
some emails from one of their customers. Emails sent during the day came
through fine. Emails in the evening would be blocked. After some review
of the mailserver logs I saw that the sender was trying to send email
from home using Comcast's mail server, which was not included in their
DNS' SPF record, which specifies which mail servers are allowed to send
email "FROM:" their domain. Comcast wasn't in the list. My client asked
me to fix it. I said their customer needed to stop using Comcast's mail
server, or their IT person needed to include Comcast in their SPF
record. That would fix the problem.
So, I guess one question that can be asked is... are you using the
correct mail server, as specified in the SPF record of your DNS?
This is what mine looks like:
@ IN TXT ("v=spf1 ip4:216.144.202.99 ip4:216.144.202.140 ip4:216.144.210.10 -all")
Translated to English, this means "treat all email that doesn't come
from these three email servers as spam and delete them."
Thanks,
Mik
---
Mik Muller, president
Montague WebWorks
239-R Main Street, Greenfield, MA
413-320-5336
http://MontagueWebWorks.com
Powered by ROCKETFUSION
On 5/28/2020 1:21 PM, Sam McClellan via Hidden-discuss wrote:
> Yes, I added a DMARC record to his dns earlier but it didn't help so far.
>
> For those who are interested, I created a knowledgebase article for
> our site on DMARC, what it is and how to create one here:
>
> https://itabix.com/client/knowledgebase/10077/Whatandsharp039s-a-DMARC-and-how-can-it-help-keep-my-emails-from-getting-rejected.html
>
> Here's the relevant part below. If you want to set up a DMARC on
> cPanel I give instructions in the article.
>
>> *About DMARC*
>>
>> DMARC is pretty confusing to even relatively geeky people. DMARC
>> (Domain-based Message Authentication, Reporting and Conformance) is
>> an email authentication protocol you can add to your DNS zone (your
>> domain's entry in the web's "phone directory" that translates a
>> domain name into something a computer can use for getting you to a
>> website or passing along an email, etc.).
>>
>> It's designed to give email domain owners the ability to protect
>> their domain from unauthorized use, commonly known as email spoofing.
>> The purpose and primary outcome of implementing DMARC is to protect a
>> domain from being used in email compromise attacks, phishing emails,
>> email scams and other cyber threat activities.
>>
>> It's also a way of showing other mail servers that your email is
>> reputable.
>>
>> *Creating a DMARC Record*
>>
>> To create a DMARC record, if you have access to your DNS zone
>> records, create a new TXT record with the name _dmarc.yourdomain.com
>> and content that looks something like this
>> v=DMARC1;p=reject;sp=none;adkim=r;aspf=r;pct=100;fo=0;rf=afrf;ri=86400;ruf=mailto:me at mydomain.com
>>
>> Obviously this is not something you can create out of the blue.
>> cPanel, the world's most widely used control panel for web hosting
>> that we use at Itabix, now has a built in DMARC creation tool in the
>> DNS zone editor (we'll walk you through that below), or you can use a
>> DMARC generator on the web however most of the DMARC generators are
>> also difficult to understand. We really like this one:
>>
>> https://dmarcian.com/dmarc-record-wizard/
>>
> Remember to set the policy to Quarantine (set aside for additional
> processing) or Reject (get rid of it) because, as Larry said, setting
> it to do nothing won't cut it with a lot of mail servers and you'll
> still be rejected.
>
> Sam
>
> ------------------------------------------------------------------------
> Sam McClellan
> *Itabix, Inc*
> /One place for all things Web/
> sam at itabix.com
> https://itabix.com
> Main - 413.587.4600
> Toll-free - 877-7ITABIX (877.748.2249)
>
> On 5/28/2020 10:37 AM, Larry Kuttner via Hidden-discuss wrote:
>> It is probably the lack of a DMARC record that is causing it. In
>> that past year, I have seen several providers start blocking email
>> from domains that do not have a DMARC policy.
>> I also recently found that the DMARC policy must specifically have a
>> quarantine or reject policy. When I added a quarantine policy to our
>> existing DMARC, many email recipients that were getting rejected are
>> now being accepted.
>>
>> Here's some helpful info:
>> https://www.dmarcanalyzer.com/how-to-create-a-dmarc-record/
>>
>> --
>> *Larry Kuttner*
>> Information Technology Manager
>> Northeast Sustainable Energy Association (NESEA)
>> 20 Federal Street, Greenfield, MA 01301
>> 413.774.6051 <tel:(413)%20774-6051> ext. 12 *·*lkuttner at nesea.org
>> <mailto:lkuttner at nesea.org>
>> www.nesea.org <http://www.nesea.org/>
>>
>> _______________________________________________
>> Hidden-discuss mailing list - home page:http://www.hidden-tech.net
>> Hidden-discuss at lists.hidden-tech.net
>>
>> You are receiving this because you are on the Hidden-Tech Discussion list.
>> If you would like to change your list preferences, Go to the Members
>> page on the Hidden Tech Web site.
>> http://www.hidden-tech.net/members
>
>
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
>
> You are receiving this because you are on the Hidden-Tech Discussion list.
> If you would like to change your list preferences, Go to the Members
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.hidden-tech.net/pipermail/hidden-discuss/attachments/20200528/647383d3/attachment-0001.html>
More information about the Hidden-discuss
mailing list