--VQ--
Site Admin
Joined: 06 Jan 2003
Posts: 590
|
 Posted: Wed Oct 11, 2006 12:01 am Post subject: Mail bounced for failure to meet SPF policy |
 |
|
Problem: Mail bounced due to SPF policy
[vqSA Admins: This tip provides a short answer]
Example of rejected mail from recipient's ISP: | Quote: | Connected to xx.xx.xx.xx but sender was rejected.
Remote host said: 554 refused mailfrom because of SPF policy |
What Causes This? This is what is happening:- You use a Vanquish server to send mail. That's necessary for these reasons.
- Your mail shows recipients your regular address (from your ISP, company, or personal domain). That's fine with us, as long as it is registered on your vqME protected address list.
- But the domain onwer publishes an "SPF" record. It warns email services around the world that any message showing their domain name in the From or Reply To address must originate from one of the mail servers on their list. When you send through a Vaqnuish server or secutiry appliance, some recipients check these "SPF" lists to see if our server is authorized by the domain owner. If not, they refuse the email - suspecting that it was sent by somone forging your address.
The Solution
Actually, there are four ways to deal with this problem. Choose the one that works best for you:- The quickest solution is to create an email program account that shows your vqME address (instead of your ISP address). For example, create an Outlook profile with these settings, but use the vqME address for both your email address and login/user name. When you use this account, your email will show your vqME address. If the recipient's mail service looks up domain ower's list of authorized servers, they will find that you are using a properly associated server.
- Alternatively, you can create an Outlook account that really uses the outgoing server provided by your mail service. On the rare occasions that you come across a rejection message, simply resend the message with this alternate email account. You won't even lose the advantages of sending through the vqME server, because the recipient email address will have been added to your Allow list based on your first attempt.
- Another perfect solution is to user your own company or family domain. For example, you could buy the domain JoeSmith.com (these days, a domain costs only $5/year). Then you could send mail with vqME or any server you like. If you want to enforce a "sender policy", the list of authorized mail servers is up to you.
- If you wish to continue using an ISP address (rather than myname@myfamilyname.com), the best long term solution is contact the ISP or company that owns the last part of your email address (the part after the '@' symbol). You can find contact information for both here. Tell them that you send mail with your own address through a preferred SMTP server. Ask them to add the following SMTP server to their SPF record for the domain used in your email address (The request must come from their own customer or employee):
- Vanquish-Postini network (as of July 2011): 64.18.0.0~20 [Details]
- vqME users: 64.25.88.230 (www.vqme.com) -&- 74.94.168.18 (web5.vanquish.com)
- vqNow users: 64.130.238.106 (www.vqnow.com), 74.94.168.18 (web5.vanquish.com)
- vqSA users: To determine your IP address, ping your vq.xxxx domain from outside of the network or contact us for help
In case they are concerned (they should not be), explain that Vanquish is a leading antispam vendor to ISPs and enterprises. It recently won PC Magazine Editors' Choice, 5-starts at TuCows.com, and is also the top user-rated product at CNet-Download.com. If they are still concerned (again, this should not be the case), you can simply send mail that shows your direct vqME address, or join the legions of users who own their own domain (Mob@MyFamily.com). Neither of these options will create an SPF problem.
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
