SlideShare a Scribd company logo

Implementing SPF record | Part 8#17

•
•
Eyal Doron
Eyal Doron

This document discusses implementing SPF records, including: 1. The technical process of creating and publishing an SPF record, including understanding the required syntax and verifying that the record is published correctly. 2. How to get the required SPF record syntax for an Office 365 environment from the admin portal. 3. Considerations for "mixed mail" infrastructures that use both Office 365 and additional mail servers, requiring the SPF record to include information about both. 4. Online tools that can help generate and validate SPF records.

Technology
1 of 26
Download to read offline
Page 1 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com IMPLEMENTING SPF RECORD | PART 8#17 The current article is a continuation of the former article: What is SPF record good for? | Part 7#17 The former article focused upon the purpose of the SPF record and why is it so important for preventing a scenario, in which spammers could present them self is our legitimate mail server. This article, focus on the “technical side” of the SPF record such as: the structure of SPF record, the way that we create SPF record, what is the required syntax for the SPF record in
Page 2 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com an Office 365 environment + Mix mail environment, how to verify the existence of SPF record and so on. SPF record task list. Technically speaking, the process of creating and publishing SPF record. The “issue” is that not all of us are familiar with the importance of the SPF record (this subject was discussed in the former article – What is SPF record good for? | Part 7#17) and about the different technical aspects of SPF records such as:  The “content” and the syntax that the SPF record should include  How to publish the SPF record  How to verify that the SPF record that we have published includes the right syntax and point to our mail server that send mail on behalf of our organization. Q: Can you provide me an SPF record task list? A: The task list of the “SPF record project” include the following tasks: 1. Understand what should be the content (the information that appear) of our SPF record. 2. Create an SPF record in our public DNS (publish the information about the SPF record). 3. Verify that the SPF record was successfully published. 4. Verify that the SPF record syntax and structure is correct. 5. Verify that our SPF record includes “pointers” to all of our mail servers.
Page 3 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Get the required information for SPF record syntax in an Office 365 environment Q: How do I know, what is the required “content” for the SPF record of my organization in an Office 365 environment? A: In Office 365 and Exchange Online environment, the information about the required content of the SPF record appears in the Office 365 management portal, under the DNS setting of your public domain name who was registered. Important note 1. The uniqueness of the SPF record in Office 365 based environment
Page 4 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com The value of the SPF record that appears in the Office 365 management portal is identical to all the Office 365 customers and domain names. In other words, the SPF record that represents your domain name in Office 365 is not unique or, includes values that are relevant only to your domain name. The value of the SPF record in Office 365 is based on the SPF value named: “include” that point to an information about all the available Exchange Online servers who are authorized to send E-mail on behalf of the Office 365 customers. 2. Using the suggested Office 365 value for the SPF record The “default value” of the SPF record that appears in the Office 365 management portal is suitable only for a “cloud only scenario”. The meaning is that the value of the SPF record is “right” only in a scenario in which all the organization mail infrastructure is hosted at Office 365 and Exchange Online. In a scenario, in which we use additional mail servers, such as hybrid configuration or mail relay, we should add the information about the “additional mail server” to the “original SPF record” syntax that appears in the portal. You can read more information in the section: SPF record and “Mixed mail” infrastructure Get the information about the SPF record
Page 5 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com To be able to get the required information about the content of the SPF record, use the following steps: Login to Office 365 portal, choose the DOMAINS menu, choose the specific domain that you want to see his required DNS record (o365info.com in our scenario), and click on the manage DNS option. In the following screenshot, we can see under the Exchange Online section the value of the SPF text record that we will need to create in our public DNS.
Page 6 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Publish the SPF record on your public DNS After we got the value for the SPF record in an Office 365 environment, we will need to create the required SPF record in our public DNS server (SPF record is implemented as a text record). To demonstrate this procedure, I will use my “GoDaddy” DNS management interface” for adding the required SPF record. Note – it’s oblivious that in case that you use the other DNS management infrastructure, the interface will be different, but the concept stays the same. Step 1 – add a new record.  Choose the option: Add Record
Page 7 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Step 2 – choose TXT record  Choose the option of: TXT (Text) (Don’t forget that SPF record is just a simple TXT record). Step 3 – add the value of the SPF record  In the “HOST:” text box ass the @ sign In the TXT VALUE: – Paste or add the value of the SPF record that we got from the Office 365 management portal.
Page 8 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Step 4 – verify that the SPF record was successfully added In the following screenshot, we can see that the SPF record (the TXT record) was added Verifying that the SPF record is published Q: How to verify that the SPF record is published?
Page 9 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com A: To be able to verify that the SPF record is published, we can query any public DNS server and “ask him” to display information about a specific record of a specific domain. In our scenario, we want to “ask” from a DNS server to display information about all of the TXT records that exist for a specific domain: o365info.com (an SPF record is implemented as TXT record) We will use the command line tool: nslookup for query the DNS server. 1. Open the command prompt 2. Type the command: nslookup 3. Type the command: set type=txt 4. Type the domain name, in our scenario: o365info.com In the following screenshot, we can see the information about the SPF record that was configured for the domain. In our scenario, the value of the SPF record is: v=spf1 include:spf.protection.outlook.com –all
Page 10 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Verifying that SPF record syntax is valid. Using online tools to verify our SPF record The nslookup tool can help us to query DNS servers about the “existence” of SPF record but, “knowing” that the SPF record exists, doesn’t “tell” as if the SPF record syntax is correct or valid. To be able to answer the “second part”, in which we want to verify that syntax of the SPF record, we will need to use our “knowledge” or instead, use a free online tool that can examine and verify the syntax of our SPF record. In the next section, we will demonstrate how to check the “validity” of our SPF record using two online web-based tools.
Page 11 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Example 1: using the SPF Record Testing Tools http://www.kitterman.com/spf/validate.html In the following example, we use the SPF checker for testing the SPF record the represent the domain name: o365info.com In the Domain name box: we add the domain name that we want to check. In the following screenshot, we can see the result from the test.
Page 12 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com The test found that the domain uses the following SPF record: The TXT records found for your domain are: v=spf1 include:spf.protection.outlook.com –all Additionally, the test “approve” that the syntax of our SPF record is correct: SPF record passed validation test with pySPF (Python SPF library)! Example 2: using mxtoolbox SPF tool http://mxtoolbox.com/spf.aspx Personally, I like to use the mxtoolbox site because, the interface are more user friendly and the test result includes more detailed information.
Page 13 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com For example, in the test result of the SPF record, we can see additional information such as: less than two SPF record found”, the meaning that it’s “OK” because we don’t use more than one SPF record.
Page 14 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Additional reading Attached links to additional SPF validator online tools  SPF Record Testing Tools  SPF Records  Beveridge Hosting – SPF Test SPF record and “Mixed mail” infrastructure In a scenario which I described as: “Mixed mail infrastructure environment”, we use the Office 365 (Exchange Online) as our
Page 15 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com mail infrastructure + use an additional mail server that will send E-mail “on behalf” of our domain name. In this case, we will need to “inform” another mail server that our organization domain name is “represented” by “two different entities”: the Office 365 (Exchange Online) mail server + a specific mail server that is hosted in our organization. To be able to demonstrate this type of configuration, let’s use the following scenario:  Our mail infrastructure is hosted on Office 365 but in addition, we use on-Premises mail server that uses the public IP address: 212.25.80.239  Our organization domain name is: o365info.com
Page 16 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Creating the required SPF record We want to create an SPF record that “confirms” these two different mail servers infrastructure. Q: What is the syntax that I need to use for my SPF record, in case I have an additional mail servers? A: We will need to use the “original syntax” of the Office 365 SPF record + add the information about the on-Premise mail server that uses the public IP address: 212.25.80.239 In our scenario, the “original Office 365 SPF record syntax” is:
Page 17 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com We will need to “extend” the original SPF record so, the SPF record will include additional information about our On- Premises mail server. The SPF record syntax is very “flexible” meaning; we can relate to the additional mail server in many ways, such as – A record, MX record, IP4 address, IP6 addresses and so on. In the following diagram, we can see an example of the “new SPF record” that includes the information about the additional On-Premises mail server that uses the public IP address: 212.25.80.239 Q: Is there an online tool that could help me in the task of creating the syntax for my SPF record? A: Yes, there are a couple of online tools that could be described as: SPF Generator In the following example, we will use an online SPF Generator of a website named: mailradar In our scenario, we will need to provide three parameters: 1. Domain name – in our example our domain name is: o365info.com
Page 18 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com 2. The Office 365 SPF syntax that includes all the available Exchange Online server lists:spf.protection.outlook.com 3. The IP address of our on-Premises mail server: 212.25.80.239 At the bottom of the screen, in the section SPF result, we can see the SPF record “content” that we will need to use (by adding a TXT record to our public DNS server).
Page 19 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com
Page 20 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Additional reading SPF Generator  SPF Wizard  Microsoft’s Sender ID Framework SPF Record Wizard  SPF Record Generator  SPF Wizard SPF syntax and information  How to Check, Test and Validate SPF Record in DNS is Correct and Valid  Sender Policy Framework  Sender authentication part 9: SPF Syntax  Sender Policy Framework  SPF Record Syntax  More Information About Txt Record  SPF Record Syntax  Protect your SMTP domain with SPF records  Writing an SPF Record  Sender Policy Framework and Sender ID FAQs  Managing Exchange Online Sender Protection Framework Records (SPF)  SPF Records – creating and testing
Page 21 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Internal outbound spam in Office 365 environment | Article series index A quick reference for the article series My E-mail appears as a spam | Article series index | Part 0#17 The article index of the complete article series Introduction to the concept of internal outbound spam in general and in Office 365 and Exchange Online environment My E-mail appears as a spam – Introduction | Office 365 | Part 1#17 The psychological profile of the phenomenon: “My E-mail appears as a spam!”, possible factors for causing our E-mail to appear a “spam mail”, the definition of internal outbound spam. Internal spam in Office 365 – Introduction | Part 2#17 Review in general the term: “internal outbound spam”, miss conceptions that relate to this term, the risks that
Page 22 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com are involved in this scenario, outbound spam E-mail policy and more. Internal spam in Office 365 – Introduction | Part 3#17 What are the possible reasons that could cause to our mail to appear as spamjunk mail, who or what are this “elements”, that can decide that our mail is a spam mail?, what are the possible “reactions” of the destination mail infrastructure that identify our E- mail as spamjunk mail?. Commercial E-mail – Using the right tools | Office 365 | Part 4#17 What is commercial E-mail? Commercial E-mail as part of the business process. Why do I think that Office 365 Exchange Online is unsuitable for the purpose of commercial E-mail? Introduction if the major causes for a scenario in which your organization E-mail appears as spam My E-mail appears as spam | The 7 major reasons | Part 5#17 Review three major reasons, that could lead to a scenario, in which E- mail that is sent from our organization identified as spam mail:
Page 23 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com 1. E-mail content, 2. Violation of the SMTP standards, 3. BulkMass mail My E-mail appears as spam | The 7 major reasons | Part 6#17 Review three major reasons, that could lead to a scenario, in which E- mail that is sent from our organization identified as spam mail: 4. False positive, 5. User Desktop malware, 6. “Problematic” Website Introduction if the subject of SPF record in general and in Office 365 environment What is SPF record good for? | Part 7#17 The purpose of the SPF record and the relation to for our mail infrastructure. How does the SPF record enable us to prevent a scenario in which hostile elements could send E-mail on our behalf. Implementing SPF record | Part 8#17 The “technical side” of the SPF record: the structure of SPF record, the way that we create SPF record, what is the required syntax for the SPF record in an Office 365 environment + mix mail environment, how to verify the existence of SPF record and so on.
Page 24 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Introduction if the subject of Exchange Online - High Risk Delivery Pool High Risk Delivery Pool and Exchange Online | Part 9#17 How Office 365 (Exchange Online) is handling a scenario of internal outbound spam by using the help of the Exchange Online- High Risk Delivery Pool. High Risk Delivery Pool and Exchange Online | Part 10#17 The second article about the subject of Exchange Online- High Risk Delivery Pool. The troubleshooting path of internal outbound spam scenario My E-mail appears as spam – Troubleshooting path | Part 11#17 Troubleshooting scenario of internal outbound spam in Office 365 and Exchange Online environment. Verifying if our domain name is blacklisted, verifying if the problem is related to E-mail content, verifying if the problem is related to specific organization user E-mail address, moving the troubleshooting process to the “other side.
Page 25 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com My E-mail appears as spam | Troubleshooting – Domain name and E-mail content | Part 12#17 Verify if our domain name appears as blacklisted, verify if the problem relates to a specific E-mail message content, registering blacklist monitoring services, activating the option of Exchange Online outbound spam. My E-mail appears as spam | Troubleshooting – Mail server | Part 13#17 What is the meaning of: “our mail server”?, Mail server IP, host name and Exchange Online. One of our users got an NDR which informs him, that his mail server is blacklisted!, How do we know that my mail server is blacklisted? My E-mail appears as spam | Troubleshooting – Mail server | Part 14#17 The troubleshooting path logic. Get the information from the E-mail message that was identified as spamNDR. Forwarding a copy of the NDR message or the message that saved to the junk mail
Page 26 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com My E-mail appears as spam | Troubleshooting – Mail server | Part 15#17 Step B – Get information about your Exchange Online infrastructure, Step C – fetch the information about the Exchange Online IP address, Step D – verify if the “formal “Exchange Online IP address a De-list your organization from a blacklist | My E-mail appears as spam | Part 16#17 Review the charters of a scenario in which your organization appears as blacklisted. The steps and the operations that need to be implemented for de-list your organization from a blacklist. Summery and recap of the troubleshooting and best practices in a scenario of internal outbound spam Dealing and avoiding internal spam | Best practices | Part 17#17 Provide a short checklist for all the steps and the operation that relates to a scenario of – internal outbound spam.

Recommended

default_change.pdf
default_change.pdfdefault_change.pdf
default_change.pdf
sptlove
 
The car of the future
The car of the futureThe car of the future
The car of the future
andreaires
 
1.3 compatibilidad de los componentes de un motor
1.3 compatibilidad de los componentes de un motor1.3 compatibilidad de los componentes de un motor
1.3 compatibilidad de los componentes de un motor
Adrian Ismael BM
 
ORGANIZATIONS CHART
ORGANIZATIONS CHARTORGANIZATIONS CHART
ORGANIZATIONS CHART
Dolly Vanessa Akel Llamas
 
Enjoy Upto 50% Discounts on all computer training courses
Enjoy Upto 50% Discounts on all computer training coursesEnjoy Upto 50% Discounts on all computer training courses
Enjoy Upto 50% Discounts on all computer training courses
CMS Computer
 
Cp提案資料20140122
Cp提案資料20140122Cp提案資料20140122
Cp提案資料20140122
Kazuki Tokudou
 
FloatMagic Power Point Presentation
FloatMagic Power Point PresentationFloatMagic Power Point Presentation
FloatMagic Power Point Presentation
stoneworts
 
5 saso2012-presentation
5 saso2012-presentation5 saso2012-presentation
5 saso2012-presentation
Ale Cignetti
 

Recommended

default_change.pdf
default_change.pdfdefault_change.pdf
default_change.pdf
sptlove
 
The car of the future
The car of the futureThe car of the future
The car of the future
andreaires
 
1.3 compatibilidad de los componentes de un motor
1.3 compatibilidad de los componentes de un motor1.3 compatibilidad de los componentes de un motor
1.3 compatibilidad de los componentes de un motor
Adrian Ismael BM
 
ORGANIZATIONS CHART
ORGANIZATIONS CHARTORGANIZATIONS CHART
ORGANIZATIONS CHART
Dolly Vanessa Akel Llamas
 
Enjoy Upto 50% Discounts on all computer training courses
Enjoy Upto 50% Discounts on all computer training coursesEnjoy Upto 50% Discounts on all computer training courses
Enjoy Upto 50% Discounts on all computer training courses
CMS Computer
 
Cp提案資料20140122
Cp提案資料20140122Cp提案資料20140122
Cp提案資料20140122
Kazuki Tokudou
 
FloatMagic Power Point Presentation
FloatMagic Power Point PresentationFloatMagic Power Point Presentation
FloatMagic Power Point Presentation
stoneworts
 
5 saso2012-presentation
5 saso2012-presentation5 saso2012-presentation
5 saso2012-presentation
Ale Cignetti
 
RHS Class of 1982 Alumni Memorial
RHS Class of 1982 Alumni MemorialRHS Class of 1982 Alumni Memorial
RHS Class of 1982 Alumni Memorial
Karen Lovins Hobbs
 
2013 qld pga championship sponsorship invitation
2013 qld pga championship sponsorship invitation2013 qld pga championship sponsorship invitation
2013 qld pga championship sponsorship invitation
Andrew Allpass
 
Renault
RenaultRenault
Renault
Mauricio MartĂ­nez
 
Stampa unione INVITO di PASQUA
Stampa unione INVITO di PASQUAStampa unione INVITO di PASQUA
Stampa unione INVITO di PASQUA
christian98
 
Werkwinkel Repair CafĂŠ - Etapastocht
Werkwinkel Repair CafĂŠ - EtapastochtWerkwinkel Repair CafĂŠ - Etapastocht
Werkwinkel Repair CafĂŠ - Etapastocht
kwb_eensgezind
 
Bridge the gap alerts
Bridge the gap alertsBridge the gap alerts
Bridge the gap alerts
aoconno2
 
I modi indefiniti infinito
I modi indefiniti infinitoI modi indefiniti infinito
I modi indefiniti infinito
Danilo Buccarello
 
20130313 het abc van sociale media ename
20130313 het abc van sociale media ename20130313 het abc van sociale media ename
20130313 het abc van sociale media ename
kwb_eensgezind
 
Manual
ManualManual
Manual
Socorro Esquivel JuĂĄrez
 
Looking at INSPIRE from an Open Source obsessed SME
Looking at INSPIRE from an Open Source obsessed SMELooking at INSPIRE from an Open Source obsessed SME
Looking at INSPIRE from an Open Source obsessed SME
smespire
 
Hackathon - Mapping da National Core a INSPIRE (Hydrography)
Hackathon - Mapping da National Core a INSPIRE (Hydrography)Hackathon - Mapping da National Core a INSPIRE (Hydrography)
Hackathon - Mapping da National Core a INSPIRE (Hydrography)
smespire
 
Panel Discussion – Grooming Data Scientists for Today and for Tomorrow
Panel Discussion – Grooming Data Scientists for Today and for TomorrowPanel Discussion – Grooming Data Scientists for Today and for Tomorrow
Panel Discussion – Grooming Data Scientists for Today and for Tomorrow
HPCC Systems
 
Tarif print
Tarif printTarif print
Tarif print
MSudar AnNur
 
Microsoft Windows Server 2008 R2 - AD RMS Bulk Protection Tool and File Class...
Microsoft Windows Server 2008 R2 - AD RMS Bulk Protection Tool and File Class...Microsoft Windows Server 2008 R2 - AD RMS Bulk Protection Tool and File Class...
Microsoft Windows Server 2008 R2 - AD RMS Bulk Protection Tool and File Class...
Microsoft Private Cloud
 
Lab08Email
Lab08EmailLab08Email
Lab08Email
Robert Klebes
 
What is SPF record good for? | Part 7#17
What is SPF record good for? | Part 7#17What is SPF record good for? | Part 7#17
What is SPF record good for? | Part 7#17
Eyal Doron
 
Splunk Discovery: Warsaw 2018 - Intro to Security Analytics Methods
Splunk Discovery: Warsaw 2018 - Intro to Security Analytics MethodsSplunk Discovery: Warsaw 2018 - Intro to Security Analytics Methods
Splunk Discovery: Warsaw 2018 - Intro to Security Analytics Methods
Splunk
 
ESM 6.9.1c Patch1 Release Notes
ESM 6.9.1c Patch1 Release Notes ESM 6.9.1c Patch1 Release Notes
ESM 6.9.1c Patch1 Release Notes
Protect724tk
 
Highlights of the Telecommunications Event Data Analytics toolkit
Highlights of the Telecommunications Event Data Analytics toolkitHighlights of the Telecommunications Event Data Analytics toolkit
Highlights of the Telecommunications Event Data Analytics toolkit
lisanl
 
Student NameClassDateVBScript IP File ReportIn the space provide.docx
Student NameClassDateVBScript IP File ReportIn the space provide.docxStudent NameClassDateVBScript IP File ReportIn the space provide.docx
Student NameClassDateVBScript IP File ReportIn the space provide.docx
emelyvalg9
 
SecOps 2021 Today: Using AWS Services to Deliver SecOps - SID304 - re:Invent ...
SecOps 2021 Today: Using AWS Services to Deliver SecOps - SID304 - re:Invent ...SecOps 2021 Today: Using AWS Services to Deliver SecOps - SID304 - re:Invent ...
SecOps 2021 Today: Using AWS Services to Deliver SecOps - SID304 - re:Invent ...
Amazon Web Services
 
Отчет Csa report RAPID7
Отчет Csa report RAPID7Отчет Csa report RAPID7
Отчет Csa report RAPID7
Sergey Yrievich
 

More Related Content

Viewers also liked

RHS Class of 1982 Alumni Memorial
RHS Class of 1982 Alumni MemorialRHS Class of 1982 Alumni Memorial
RHS Class of 1982 Alumni Memorial
Karen Lovins Hobbs
 
Stampa unione INVITO di PASQUA
Stampa unione INVITO di PASQUAStampa unione INVITO di PASQUA
Stampa unione INVITO di PASQUA
christian98
 
Bridge the gap alerts
Bridge the gap alertsBridge the gap alerts
Bridge the gap alerts
aoconno2
 
I modi indefiniti infinito
I modi indefiniti infinitoI modi indefiniti infinito
I modi indefiniti infinito
Danilo Buccarello
 
20130313 het abc van sociale media ename
20130313 het abc van sociale media ename20130313 het abc van sociale media ename
20130313 het abc van sociale media ename
kwb_eensgezind
 

Viewers also liked (13)

RHS Class of 1982 Alumni Memorial
RHS Class of 1982 Alumni MemorialRHS Class of 1982 Alumni Memorial
RHS Class of 1982 Alumni Memorial
 
2013 qld pga championship sponsorship invitation
2013 qld pga championship sponsorship invitation2013 qld pga championship sponsorship invitation
2013 qld pga championship sponsorship invitation
 
Renault
RenaultRenault
Renault
 
Stampa unione INVITO di PASQUA
Stampa unione INVITO di PASQUAStampa unione INVITO di PASQUA
Stampa unione INVITO di PASQUA
 
Werkwinkel Repair CafĂŠ - Etapastocht
Werkwinkel Repair CafĂŠ - EtapastochtWerkwinkel Repair CafĂŠ - Etapastocht
Werkwinkel Repair CafĂŠ - Etapastocht
 
Bridge the gap alerts
Bridge the gap alertsBridge the gap alerts
Bridge the gap alerts
 
I modi indefiniti infinito
I modi indefiniti infinitoI modi indefiniti infinito
I modi indefiniti infinito
 
20130313 het abc van sociale media ename
20130313 het abc van sociale media ename20130313 het abc van sociale media ename
20130313 het abc van sociale media ename
 
Manual
ManualManual
Manual
 
Looking at INSPIRE from an Open Source obsessed SME
Looking at INSPIRE from an Open Source obsessed SMELooking at INSPIRE from an Open Source obsessed SME
Looking at INSPIRE from an Open Source obsessed SME
 
Hackathon - Mapping da National Core a INSPIRE (Hydrography)
Hackathon - Mapping da National Core a INSPIRE (Hydrography)Hackathon - Mapping da National Core a INSPIRE (Hydrography)
Hackathon - Mapping da National Core a INSPIRE (Hydrography)
 
Panel Discussion – Grooming Data Scientists for Today and for Tomorrow
Panel Discussion – Grooming Data Scientists for Today and for TomorrowPanel Discussion – Grooming Data Scientists for Today and for Tomorrow
Panel Discussion – Grooming Data Scientists for Today and for Tomorrow
 
Tarif print
Tarif printTarif print
Tarif print
 

Similar to Implementing SPF record | Part 8#17

Microsoft Windows Server 2008 R2 - AD RMS Bulk Protection Tool and File Class...
Microsoft Windows Server 2008 R2 - AD RMS Bulk Protection Tool and File Class...Microsoft Windows Server 2008 R2 - AD RMS Bulk Protection Tool and File Class...
Microsoft Windows Server 2008 R2 - AD RMS Bulk Protection Tool and File Class...
Microsoft Private Cloud
 
Student NameClassDateVBScript IP File ReportIn the space provide.docx
Student NameClassDateVBScript IP File ReportIn the space provide.docxStudent NameClassDateVBScript IP File ReportIn the space provide.docx
Student NameClassDateVBScript IP File ReportIn the space provide.docx
emelyvalg9
 
SecOps 2021 Today: Using AWS Services to Deliver SecOps - SID304 - re:Invent ...
SecOps 2021 Today: Using AWS Services to Deliver SecOps - SID304 - re:Invent ...SecOps 2021 Today: Using AWS Services to Deliver SecOps - SID304 - re:Invent ...
SecOps 2021 Today: Using AWS Services to Deliver SecOps - SID304 - re:Invent ...
Amazon Web Services
 
I doc packaging and mapping techniques.doc
I doc packaging and mapping techniques.docI doc packaging and mapping techniques.doc
I doc packaging and mapping techniques.doc
VERUS BRASIL
 
Automating Security and Compliance Testing of Infrastructure-as-Code for DevS...
Automating Security and Compliance Testing of Infrastructure-as-Code for DevS...Automating Security and Compliance Testing of Infrastructure-as-Code for DevS...
Automating Security and Compliance Testing of Infrastructure-as-Code for DevS...
Amazon Web Services
 

Similar to Implementing SPF record | Part 8#17 (20)

Microsoft Windows Server 2008 R2 - AD RMS Bulk Protection Tool and File Class...
Microsoft Windows Server 2008 R2 - AD RMS Bulk Protection Tool and File Class...Microsoft Windows Server 2008 R2 - AD RMS Bulk Protection Tool and File Class...
Microsoft Windows Server 2008 R2 - AD RMS Bulk Protection Tool and File Class...
 
Lab08Email
Lab08EmailLab08Email
Lab08Email
 
What is SPF record good for? | Part 7#17
What is SPF record good for? | Part 7#17What is SPF record good for? | Part 7#17
What is SPF record good for? | Part 7#17
 
Splunk Discovery: Warsaw 2018 - Intro to Security Analytics Methods
Splunk Discovery: Warsaw 2018 - Intro to Security Analytics MethodsSplunk Discovery: Warsaw 2018 - Intro to Security Analytics Methods
Splunk Discovery: Warsaw 2018 - Intro to Security Analytics Methods
 
ESM 6.9.1c Patch1 Release Notes
ESM 6.9.1c Patch1 Release Notes ESM 6.9.1c Patch1 Release Notes
ESM 6.9.1c Patch1 Release Notes
 
Highlights of the Telecommunications Event Data Analytics toolkit
Highlights of the Telecommunications Event Data Analytics toolkitHighlights of the Telecommunications Event Data Analytics toolkit
Highlights of the Telecommunications Event Data Analytics toolkit
 
Student NameClassDateVBScript IP File ReportIn the space provide.docx
Student NameClassDateVBScript IP File ReportIn the space provide.docxStudent NameClassDateVBScript IP File ReportIn the space provide.docx
Student NameClassDateVBScript IP File ReportIn the space provide.docx
 
SecOps 2021 Today: Using AWS Services to Deliver SecOps - SID304 - re:Invent ...
SecOps 2021 Today: Using AWS Services to Deliver SecOps - SID304 - re:Invent ...SecOps 2021 Today: Using AWS Services to Deliver SecOps - SID304 - re:Invent ...
SecOps 2021 Today: Using AWS Services to Deliver SecOps - SID304 - re:Invent ...
 
Отчет Csa report RAPID7
Отчет Csa report RAPID7Отчет Csa report RAPID7
Отчет Csa report RAPID7
 
I doc packaging and mapping techniques.doc
I doc packaging and mapping techniques.docI doc packaging and mapping techniques.doc
I doc packaging and mapping techniques.doc
 
Intro to the Salesforce Command Line Interface for Admins
Intro to the Salesforce Command Line Interface for AdminsIntro to the Salesforce Command Line Interface for Admins
Intro to the Salesforce Command Line Interface for Admins
 
Deployments with VS Code and Salesforce CLI
Deployments with VS Code and Salesforce CLIDeployments with VS Code and Salesforce CLI
Deployments with VS Code and Salesforce CLI
 
Orangescrum is now available on aws marketplace
Orangescrum is now available on aws marketplaceOrangescrum is now available on aws marketplace
Orangescrum is now available on aws marketplace
 
M365 global developer bootcamp 2019 Intro to SPFx Version
M365 global developer bootcamp 2019 Intro to SPFx VersionM365 global developer bootcamp 2019 Intro to SPFx Version
M365 global developer bootcamp 2019 Intro to SPFx Version
 
Letsencrypt with pfsense
Letsencrypt with pfsenseLetsencrypt with pfsense
Letsencrypt with pfsense
 
Aec1105
Aec1105Aec1105
Aec1105
 
Automating Security and Compliance Testing of Infrastructure-as-Code for DevS...
Automating Security and Compliance Testing of Infrastructure-as-Code for DevS...Automating Security and Compliance Testing of Infrastructure-as-Code for DevS...
Automating Security and Compliance Testing of Infrastructure-as-Code for DevS...
 
Epm fm-1111x-provisioning-whitepape-133674
Epm fm-1111x-provisioning-whitepape-133674Epm fm-1111x-provisioning-whitepape-133674
Epm fm-1111x-provisioning-whitepape-133674
 
ArcSight Model Import Connector for RepSM 7.1.7.7607.0 Configuration guide
ArcSight Model Import Connector for RepSM 7.1.7.7607.0 Configuration guideArcSight Model Import Connector for RepSM 7.1.7.7607.0 Configuration guide
ArcSight Model Import Connector for RepSM 7.1.7.7607.0 Configuration guide
 
ArcSight Actor Model Import Connector for Microsoft Active Directory Configur...
ArcSight Actor Model Import Connector for Microsoft Active Directory Configur...ArcSight Actor Model Import Connector for Microsoft Active Directory Configur...
ArcSight Actor Model Import Connector for Microsoft Active Directory Configur...
 

More from Eyal Doron

Exchange In-Place eDiscovery & Hold | Introduction | 5#7
Exchange In-Place eDiscovery & Hold | Introduction | 5#7Exchange In-Place eDiscovery & Hold | Introduction | 5#7
Exchange In-Place eDiscovery & Hold | Introduction | 5#7
Eyal Doron
 
Mail migration to office 365 measure and estimate mail migration throughput...
Mail migration to office 365 measure and estimate mail migration throughput...Mail migration to office 365 measure and estimate mail migration throughput...
Mail migration to office 365 measure and estimate mail migration throughput...
Eyal Doron
 
Mail migration to office 365 optimizing the mail migration throughput - par...
Mail migration to office 365 optimizing the mail migration throughput - par...Mail migration to office 365 optimizing the mail migration throughput - par...
Mail migration to office 365 optimizing the mail migration throughput - par...
Eyal Doron
 
Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...
Eyal Doron
 
Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...
Eyal Doron
 
Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...
Eyal Doron
 

More from Eyal Doron (20)

How to simulate spoof e mail attack and bypass spf sender verification - 2#2
How to simulate spoof e mail attack and bypass spf sender verification - 2#2How to simulate spoof e mail attack and bypass spf sender verification - 2#2
How to simulate spoof e mail attack and bypass spf sender verification - 2#2
 
How does sender verification work how we identify spoof mail) spf, dkim dmar...
How does sender verification work how we identify spoof mail) spf, dkim dmar...How does sender verification work how we identify spoof mail) spf, dkim dmar...
How does sender verification work how we identify spoof mail) spf, dkim dmar...
 
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...
 
Why our mail system is exposed to spoof and phishing mail attacks part 5#9 |...
Why our mail system is exposed to spoof and phishing mail attacks part 5#9 |...Why our mail system is exposed to spoof and phishing mail attacks part 5#9 |...
Why our mail system is exposed to spoof and phishing mail attacks part 5#9 |...
 
What is the meaning of mail phishing attack in simple words part 4#9 | Eyal...
What is the meaning of mail phishing attack in simple words part 4#9 | Eyal...What is the meaning of mail phishing attack in simple words part 4#9 | Eyal...
What is the meaning of mail phishing attack in simple words part 4#9 | Eyal...
 
What is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.com
What is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.comWhat is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.com
What is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.com
 
What are the possible damages of phishing and spoofing mail attacks part 2#...
What are the possible damages of phishing and spoofing mail attacks part 2#...What are the possible damages of phishing and spoofing mail attacks part 2#...
What are the possible damages of phishing and spoofing mail attacks part 2#...
 
Dealing with a spoof mail attacks and phishing mail attacks a little story ...
Dealing with a spoof mail attacks and phishing mail attacks a little story ...Dealing with a spoof mail attacks and phishing mail attacks a little story ...
Dealing with a spoof mail attacks and phishing mail attacks a little story ...
 
Exchange In-Place eDiscovery & Hold | Introduction | 5#7
Exchange In-Place eDiscovery & Hold | Introduction | 5#7Exchange In-Place eDiscovery & Hold | Introduction | 5#7
Exchange In-Place eDiscovery & Hold | Introduction | 5#7
 
Mail migration to office 365 measure and estimate mail migration throughput...
Mail migration to office 365 measure and estimate mail migration throughput...Mail migration to office 365 measure and estimate mail migration throughput...
Mail migration to office 365 measure and estimate mail migration throughput...
 
Mail migration to office 365 factors that impact mail migration performance...
Mail migration to office 365 factors that impact mail migration performance...Mail migration to office 365 factors that impact mail migration performance...
Mail migration to office 365 factors that impact mail migration performance...
 
Mail migration to office 365 optimizing the mail migration throughput - par...
Mail migration to office 365 optimizing the mail migration throughput - par...Mail migration to office 365 optimizing the mail migration throughput - par...
Mail migration to office 365 optimizing the mail migration throughput - par...
 
Mail migration to office 365 mail migration methods - part 1#4
Mail migration to office 365 mail migration methods - part 1#4Mail migration to office 365 mail migration methods - part 1#4
Mail migration to office 365 mail migration methods - part 1#4
 
Smtp relay in office 365 environment troubleshooting scenarios - part 4#4
Smtp relay in office 365 environment troubleshooting scenarios - part 4#4Smtp relay in office 365 environment troubleshooting scenarios - part 4#4
Smtp relay in office 365 environment troubleshooting scenarios - part 4#4
 
Stage migration, exchange and autodiscover infrastructure part 1#2 part 35#36
Stage migration, exchange and autodiscover infrastructure part 1#2 part 35#36Stage migration, exchange and autodiscover infrastructure part 1#2 part 35#36
Stage migration, exchange and autodiscover infrastructure part 1#2 part 35#36
 
Autodiscover flow in an office 365 environment part 3#3 part 31#36
Autodiscover flow in an office 365 environment part 3#3 part 31#36Autodiscover flow in an office 365 environment part 3#3 part 31#36
Autodiscover flow in an office 365 environment part 3#3 part 31#36
 
Autodiscover flow in an exchange hybrid environment part 1#3 part 32#36
Autodiscover flow in an exchange hybrid environment part 1#3 part 32#36Autodiscover flow in an exchange hybrid environment part 1#3 part 32#36
Autodiscover flow in an exchange hybrid environment part 1#3 part 32#36
 
Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...
 
Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...
 
Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...
 

Recently uploaded

A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 

Recently uploaded (20)

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 

Implementing SPF record | Part 8#17

  • 1. Page 1 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com IMPLEMENTING SPF RECORD | PART 8#17 The current article is a continuation of the former article: What is SPF record good for? | Part 7#17 The former article focused upon the purpose of the SPF record and why is it so important for preventing a scenario, in which spammers could present them self is our legitimate mail server. This article, focus on the “technical side” of the SPF record such as: the structure of SPF record, the way that we create SPF record, what is the required syntax for the SPF record in
  • 2. Page 2 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com an Office 365 environment + Mix mail environment, how to verify the existence of SPF record and so on. SPF record task list. Technically speaking, the process of creating and publishing SPF record. The “issue” is that not all of us are familiar with the importance of the SPF record (this subject was discussed in the former article – What is SPF record good for? | Part 7#17) and about the different technical aspects of SPF records such as:  The “content” and the syntax that the SPF record should include  How to publish the SPF record  How to verify that the SPF record that we have published includes the right syntax and point to our mail server that send mail on behalf of our organization. Q: Can you provide me an SPF record task list? A: The task list of the “SPF record project” include the following tasks: 1. Understand what should be the content (the information that appear) of our SPF record. 2. Create an SPF record in our public DNS (publish the information about the SPF record). 3. Verify that the SPF record was successfully published. 4. Verify that the SPF record syntax and structure is correct. 5. Verify that our SPF record includes “pointers” to all of our mail servers.
  • 3. Page 3 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Get the required information for SPF record syntax in an Office 365 environment Q: How do I know, what is the required “content” for the SPF record of my organization in an Office 365 environment? A: In Office 365 and Exchange Online environment, the information about the required content of the SPF record appears in the Office 365 management portal, under the DNS setting of your public domain name who was registered. Important note 1. The uniqueness of the SPF record in Office 365 based environment
  • 4. Page 4 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com The value of the SPF record that appears in the Office 365 management portal is identical to all the Office 365 customers and domain names. In other words, the SPF record that represents your domain name in Office 365 is not unique or, includes values that are relevant only to your domain name. The value of the SPF record in Office 365 is based on the SPF value named: “include” that point to an information about all the available Exchange Online servers who are authorized to send E-mail on behalf of the Office 365 customers. 2. Using the suggested Office 365 value for the SPF record The “default value” of the SPF record that appears in the Office 365 management portal is suitable only for a “cloud only scenario”. The meaning is that the value of the SPF record is “right” only in a scenario in which all the organization mail infrastructure is hosted at Office 365 and Exchange Online. In a scenario, in which we use additional mail servers, such as hybrid configuration or mail relay, we should add the information about the “additional mail server” to the “original SPF record” syntax that appears in the portal. You can read more information in the section: SPF record and “Mixed mail” infrastructure Get the information about the SPF record
  • 5. Page 5 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com To be able to get the required information about the content of the SPF record, use the following steps: Login to Office 365 portal, choose the DOMAINS menu, choose the specific domain that you want to see his required DNS record (o365info.com in our scenario), and click on the manage DNS option. In the following screenshot, we can see under the Exchange Online section the value of the SPF text record that we will need to create in our public DNS.
  • 6. Page 6 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Publish the SPF record on your public DNS After we got the value for the SPF record in an Office 365 environment, we will need to create the required SPF record in our public DNS server (SPF record is implemented as a text record). To demonstrate this procedure, I will use my “GoDaddy” DNS management interface” for adding the required SPF record. Note – it’s oblivious that in case that you use the other DNS management infrastructure, the interface will be different, but the concept stays the same. Step 1 – add a new record.  Choose the option: Add Record
  • 7. Page 7 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Step 2 – choose TXT record  Choose the option of: TXT (Text) (Don’t forget that SPF record is just a simple TXT record). Step 3 – add the value of the SPF record  In the “HOST:” text box ass the @ sign In the TXT VALUE: – Paste or add the value of the SPF record that we got from the Office 365 management portal.
  • 8. Page 8 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Step 4 – verify that the SPF record was successfully added In the following screenshot, we can see that the SPF record (the TXT record) was added Verifying that the SPF record is published Q: How to verify that the SPF record is published?
  • 9. Page 9 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com A: To be able to verify that the SPF record is published, we can query any public DNS server and “ask him” to display information about a specific record of a specific domain. In our scenario, we want to “ask” from a DNS server to display information about all of the TXT records that exist for a specific domain: o365info.com (an SPF record is implemented as TXT record) We will use the command line tool: nslookup for query the DNS server. 1. Open the command prompt 2. Type the command: nslookup 3. Type the command: set type=txt 4. Type the domain name, in our scenario: o365info.com In the following screenshot, we can see the information about the SPF record that was configured for the domain. In our scenario, the value of the SPF record is: v=spf1 include:spf.protection.outlook.com –all
  • 10. Page 10 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Verifying that SPF record syntax is valid. Using online tools to verify our SPF record The nslookup tool can help us to query DNS servers about the “existence” of SPF record but, “knowing” that the SPF record exists, doesn’t “tell” as if the SPF record syntax is correct or valid. To be able to answer the “second part”, in which we want to verify that syntax of the SPF record, we will need to use our “knowledge” or instead, use a free online tool that can examine and verify the syntax of our SPF record. In the next section, we will demonstrate how to check the “validity” of our SPF record using two online web-based tools.
  • 11. Page 11 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Example 1: using the SPF Record Testing Tools http://www.kitterman.com/spf/validate.html In the following example, we use the SPF checker for testing the SPF record the represent the domain name: o365info.com In the Domain name box: we add the domain name that we want to check. In the following screenshot, we can see the result from the test.
  • 12. Page 12 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com The test found that the domain uses the following SPF record: The TXT records found for your domain are: v=spf1 include:spf.protection.outlook.com –all Additionally, the test “approve” that the syntax of our SPF record is correct: SPF record passed validation test with pySPF (Python SPF library)! Example 2: using mxtoolbox SPF tool http://mxtoolbox.com/spf.aspx Personally, I like to use the mxtoolbox site because, the interface are more user friendly and the test result includes more detailed information.
  • 13. Page 13 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com For example, in the test result of the SPF record, we can see additional information such as: less than two SPF record found”, the meaning that it’s “OK” because we don’t use more than one SPF record.
  • 14. Page 14 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Additional reading Attached links to additional SPF validator online tools  SPF Record Testing Tools  SPF Records  Beveridge Hosting – SPF Test SPF record and “Mixed mail” infrastructure In a scenario which I described as: “Mixed mail infrastructure environment”, we use the Office 365 (Exchange Online) as our
  • 15. Page 15 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com mail infrastructure + use an additional mail server that will send E-mail “on behalf” of our domain name. In this case, we will need to “inform” another mail server that our organization domain name is “represented” by “two different entities”: the Office 365 (Exchange Online) mail server + a specific mail server that is hosted in our organization. To be able to demonstrate this type of configuration, let’s use the following scenario:  Our mail infrastructure is hosted on Office 365 but in addition, we use on-Premises mail server that uses the public IP address: 212.25.80.239  Our organization domain name is: o365info.com
  • 16. Page 16 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Creating the required SPF record We want to create an SPF record that “confirms” these two different mail servers infrastructure. Q: What is the syntax that I need to use for my SPF record, in case I have an additional mail servers? A: We will need to use the “original syntax” of the Office 365 SPF record + add the information about the on-Premise mail server that uses the public IP address: 212.25.80.239 In our scenario, the “original Office 365 SPF record syntax” is:
  • 17. Page 17 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com We will need to “extend” the original SPF record so, the SPF record will include additional information about our On- Premises mail server. The SPF record syntax is very “flexible” meaning; we can relate to the additional mail server in many ways, such as – A record, MX record, IP4 address, IP6 addresses and so on. In the following diagram, we can see an example of the “new SPF record” that includes the information about the additional On-Premises mail server that uses the public IP address: 212.25.80.239 Q: Is there an online tool that could help me in the task of creating the syntax for my SPF record? A: Yes, there are a couple of online tools that could be described as: SPF Generator In the following example, we will use an online SPF Generator of a website named: mailradar In our scenario, we will need to provide three parameters: 1. Domain name – in our example our domain name is: o365info.com
  • 18. Page 18 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com 2. The Office 365 SPF syntax that includes all the available Exchange Online server lists:spf.protection.outlook.com 3. The IP address of our on-Premises mail server: 212.25.80.239 At the bottom of the screen, in the section SPF result, we can see the SPF record “content” that we will need to use (by adding a TXT record to our public DNS server).
  • 19. Page 19 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com
  • 20. Page 20 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Additional reading SPF Generator  SPF Wizard  Microsoft’s Sender ID Framework SPF Record Wizard  SPF Record Generator  SPF Wizard SPF syntax and information  How to Check, Test and Validate SPF Record in DNS is Correct and Valid  Sender Policy Framework  Sender authentication part 9: SPF Syntax  Sender Policy Framework  SPF Record Syntax  More Information About Txt Record  SPF Record Syntax  Protect your SMTP domain with SPF records  Writing an SPF Record  Sender Policy Framework and Sender ID FAQs  Managing Exchange Online Sender Protection Framework Records (SPF)  SPF Records – creating and testing
  • 21. Page 21 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Internal outbound spam in Office 365 environment | Article series index A quick reference for the article series My E-mail appears as a spam | Article series index | Part 0#17 The article index of the complete article series Introduction to the concept of internal outbound spam in general and in Office 365 and Exchange Online environment My E-mail appears as a spam – Introduction | Office 365 | Part 1#17 The psychological profile of the phenomenon: “My E-mail appears as a spam!”, possible factors for causing our E-mail to appear a “spam mail”, the definition of internal outbound spam. Internal spam in Office 365 – Introduction | Part 2#17 Review in general the term: “internal outbound spam”, miss conceptions that relate to this term, the risks that
  • 22. Page 22 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com are involved in this scenario, outbound spam E-mail policy and more. Internal spam in Office 365 – Introduction | Part 3#17 What are the possible reasons that could cause to our mail to appear as spamjunk mail, who or what are this “elements”, that can decide that our mail is a spam mail?, what are the possible “reactions” of the destination mail infrastructure that identify our E- mail as spamjunk mail?. Commercial E-mail – Using the right tools | Office 365 | Part 4#17 What is commercial E-mail? Commercial E-mail as part of the business process. Why do I think that Office 365 Exchange Online is unsuitable for the purpose of commercial E-mail? Introduction if the major causes for a scenario in which your organization E-mail appears as spam My E-mail appears as spam | The 7 major reasons | Part 5#17 Review three major reasons, that could lead to a scenario, in which E- mail that is sent from our organization identified as spam mail:
  • 23. Page 23 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com 1. E-mail content, 2. Violation of the SMTP standards, 3. BulkMass mail My E-mail appears as spam | The 7 major reasons | Part 6#17 Review three major reasons, that could lead to a scenario, in which E- mail that is sent from our organization identified as spam mail: 4. False positive, 5. User Desktop malware, 6. “Problematic” Website Introduction if the subject of SPF record in general and in Office 365 environment What is SPF record good for? | Part 7#17 The purpose of the SPF record and the relation to for our mail infrastructure. How does the SPF record enable us to prevent a scenario in which hostile elements could send E-mail on our behalf. Implementing SPF record | Part 8#17 The “technical side” of the SPF record: the structure of SPF record, the way that we create SPF record, what is the required syntax for the SPF record in an Office 365 environment + mix mail environment, how to verify the existence of SPF record and so on.
  • 24. Page 24 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com Introduction if the subject of Exchange Online - High Risk Delivery Pool High Risk Delivery Pool and Exchange Online | Part 9#17 How Office 365 (Exchange Online) is handling a scenario of internal outbound spam by using the help of the Exchange Online- High Risk Delivery Pool. High Risk Delivery Pool and Exchange Online | Part 10#17 The second article about the subject of Exchange Online- High Risk Delivery Pool. The troubleshooting path of internal outbound spam scenario My E-mail appears as spam – Troubleshooting path | Part 11#17 Troubleshooting scenario of internal outbound spam in Office 365 and Exchange Online environment. Verifying if our domain name is blacklisted, verifying if the problem is related to E-mail content, verifying if the problem is related to specific organization user E-mail address, moving the troubleshooting process to the “other side.
  • 25. Page 25 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com My E-mail appears as spam | Troubleshooting – Domain name and E-mail content | Part 12#17 Verify if our domain name appears as blacklisted, verify if the problem relates to a specific E-mail message content, registering blacklist monitoring services, activating the option of Exchange Online outbound spam. My E-mail appears as spam | Troubleshooting – Mail server | Part 13#17 What is the meaning of: “our mail server”?, Mail server IP, host name and Exchange Online. One of our users got an NDR which informs him, that his mail server is blacklisted!, How do we know that my mail server is blacklisted? My E-mail appears as spam | Troubleshooting – Mail server | Part 14#17 The troubleshooting path logic. Get the information from the E-mail message that was identified as spamNDR. Forwarding a copy of the NDR message or the message that saved to the junk mail
  • 26. Page 26 of 26 | Implementing SPF record | Part 8#17 Written by Eyal Doron | o365info.com My E-mail appears as spam | Troubleshooting – Mail server | Part 15#17 Step B – Get information about your Exchange Online infrastructure, Step C – fetch the information about the Exchange Online IP address, Step D – verify if the “formal “Exchange Online IP address a De-list your organization from a blacklist | My E-mail appears as spam | Part 16#17 Review the charters of a scenario in which your organization appears as blacklisted. The steps and the operations that need to be implemented for de-list your organization from a blacklist. Summery and recap of the troubleshooting and best practices in a scenario of internal outbound spam Dealing and avoiding internal spam | Best practices | Part 17#17 Provide a short checklist for all the steps and the operation that relates to a scenario of – internal outbound spam.