Cisco RES RSS Back to forum
Disregard. I figured a solution. I asked Cisco about it and they gave me the IP blocks of their email server farms. Rather than include them in my SPF string, I simply excluded those IPs from the SPF test.
As I use ORF for hard fails only and my Exchange server for soft fails (which assigns an SCL and filters to Junk Mail as needed rather than dropping the message altogether), this allows my Exchange server to take over and filter them to Junk, which the users can control individually.
-T.
@T. Hernlund:
Hi,
If Cisco publishes an SPF policy with their service, you can also use the SPF "include" mechanism to merge their policy with yours. This is better than listing their IPs in your SPF record, because you do not have to maintain the list. You can learn more about this mechanism at http://www.openspf.org/SPF_Record_Syntax
I'll start here with a question...
We have a client who is a customer of Cisco's Registered Envelope Service. Basically, secure email. Nothing new.
However, when someone here attempts to send an email to this client AND copy himself or his secretary, the copy bounces due to... you guessed it, SPF hard fail.
Obviously, since it's a Cisco server processing the main and sending it as us, it's going to fail SPF. I really don't want to try to figure out and add RES servers to my SPF string.
Anyone dealt with this? Is there something in ORF that can accommodate this? Possibly some magic that can be worked? Unfortunately, CRES isn't listed in the Sender Score database.
Thanks.
-T.