office 365 + blacklisting own domain. - ORF Forums

office 365 + blacklisting own domain. RSS Back to forum

1

Hi, I'm having some issues here, trying to setup a hybrid configuration + forwarding method

a) why does ORF say:
Error checking the SPF policy of domain "mydomain.com": The requested A/MX record was not found for "mydomain.com".
(please check my email domain as per this post)
it has 2 TXT records though.

b) before, I had a blacklist rule for *@mydomain.com
now it obviously fails for the email coming from office 365 cos its not authenticated.
any clues how i should amend this?

by Chris Low more than 10 years ago
2

@Chris Low: a) is the DNS server used for the lookup the same as the authoritative DNS for "mydomain.com" by any chance? See

http://blog.vamsoft.com/2010/04/08/tales-from-tech-support-part-13-dns-issues-with-own-domain/

and

http://vamsoft.com/r?o-hto-adm-dns

b) I am not sure if it is possible to enforce authentication for emails relayed from Office 365 servers to your on-premises Exchange server (if that's what you mean), but having an SPF record published for the domain and having the SPF test enabled in ORF should suffice.

by Krisztián Fekete (Vamsoft) more than 10 years ago
(in reply to this post)

3

what do you think of whitelisting all of office365 ip addresses?

http://onlinehelp.microsoft.com/en-us/office365-enterprises/hh373144.aspx

by Chris Low more than 10 years ago
4

and yes, the dns (at least 1 entry) is authoritative.. I will remove that entry and monitor

by Chris Low more than 10 years ago
5

@Chris Low: I would not recommend it... Those servers are used my many people.

by Krisztián Fekete (Vamsoft) more than 10 years ago
(in reply to this post)

6

so the problem here is this. if I don't whitelist the ip address, then incoming emails from *@mydomain gets filtered by eg: keyword blacklisting even if i take it out of sender blacklist.


i think what is required is a conditional whitelist (ie: *@mydomain.com + microsoft office ips)

anyway, my current solution is to whitelist microsoft ips while blacklisting *@mydomain.com

by Chris Low more than 10 years ago
7

@Chris Low: the conditional whitelisting might be possible using the Keyword Whitelist (Email header (raw MIME) scope), i.e., creating a regular expression which whitelists the email if the header shows it was relayed from an Office 365 host (Received from:) and the MIME "From:" address is *@yourdomain.com. If you could send us some MIME header samples of such emails (relayed from Office 365 servers) to , I might be able to come up with something.

by Krisztián Fekete (Vamsoft) more than 10 years ago
(in reply to this post)

New comment

Fill in the form below to add a new comment. All fields are required. If you are a registered user on our site, please sign in first.

It will not be published.
hnp1 | hnp2