office 365 + blacklisting own domain. RSS

1

Hi, I'm having some issues here, trying to setup a hybrid configuration + forwarding method

a) why does ORF say:
Error checking the SPF policy of domain "mydomain.com": The requested A/MX record was not found for "mydomain.com".
(please check my email domain as per this post)
it has 2 TXT records though.

b) before, I had a blacklist rule for *@mydomain.com
now it obviously fails for the email coming from office 365 cos its not authenticated.
any clues how i should amend this?

by Chris Low 5 years ago
2

@Chris Low: a) is the DNS server used for the lookup the same as the authoritative DNS for "mydomain.com" by any chance? See

http://blog.vamsoft.com/2010/04/08/tales-from-tech-support-part-13-dns-issues-with-own-domain/

and

http://vamsoft.com/r?o-hto-adm-dns

b) I am not sure if it is possible to enforce authentication for emails relayed from Office 365 servers to your on-premises Exchange server (if that's what you mean), but having an SPF record published for the domain and having the SPF test enabled in ORF should suffice.

by Krisztián Fekete (Vamsoft) 5 years ago
(in reply to this post)

3

what do you think of whitelisting all of office365 ip addresses?

http://onlinehelp.microsoft.com/en-us/office365-enterprises/hh373144.aspx

by Chris Low 5 years ago
4

and yes, the dns (at least 1 entry) is authoritative.. I will remove that entry and monitor

by Chris Low 5 years ago
5

@Chris Low: I would not recommend it... Those servers are used my many people.

by Krisztián Fekete (Vamsoft) 5 years ago
(in reply to this post)

6

so the problem here is this. if I don't whitelist the ip address, then incoming emails from *@mydomain gets filtered by eg: keyword blacklisting even if i take it out of sender blacklist.


i think what is required is a conditional whitelist (ie: *@mydomain.com + microsoft office ips)

anyway, my current solution is to whitelist microsoft ips while blacklisting *@mydomain.com

by Chris Low 5 years ago
7

@Chris Low: the conditional whitelisting might be possible using the Keyword Whitelist (Email header (raw MIME) scope), i.e., creating a regular expression which whitelists the email if the header shows it was relayed from an Office 365 host (Received from:) and the MIME "From:" address is *@yourdomain.com. If you could send us some MIME header samples of such emails (relayed from Office 365 servers) to , I might be able to come up with something.

by Krisztián Fekete (Vamsoft) 5 years ago
(in reply to this post)

New comment

Fill in the form below to add a new comment. All fields are required. If you are a registered user on our site, please sign in first.

Nickname:
Email address (will not be published):
Your comment:

ORF Technical Support

Configuring, installing and troubleshooting ORF.

News & Announcements

Your dose of ORF-related news and announcements.

Everything but ORF

Discuss Exchange and system administration with fellow admins.

Feature Test Program

Feature Test Program discussion. Membership is required to visit this forum.

ORF Beta

Join the great bug hunt of the latest test release.

Customer Service

Stay Informed