
SPF Records won't help us to prevent spam mails

Author
25 May 2009 10:07 AM
Laljeev
Hi

We configured SPF record as below for domain sam.gov.sa

v=spf1 mx mx:mail1.sam.gov.sa mx:mail.sam.gov.sa mx:mail2.sam.gov.sa
mx:mx2.mex.net.sa ~all

but still we are receiving many mails claiming to be from our own domain. The last
mx record / server is with our ISP. Then how can we control this and what
does this SPF really do for us?

Can anyone help us to resolve this issue?

Regards
Lal
--
Server Management Team

Author
25 May 2009 12:36 PM
Lanwench [MVP - Exchange]
Laljeev <laljeevm@newsgroup.nospam> wrote:
> Hi
>
> We configured SPF record as below for domain sam.gov.sa
>
> v=spf1 mx mx:mail1.sam.gov.sa mx:mail.sam.gov.sa mx:mail2.sam.gov.sa
> mx:mx2.mex.net.sa ~all
>
> but still we are receiving many mails claiming to be from our own domain.
> The last mx record / server is with our ISP. Then how can we control
> this and what does this SPF really do for us?
>
> Can anyone help us to resolve this issue?
>
> Regards
> Lal

SPF records are not a panacea. What version & SP of Exchange do you use? If
you don't have any external POP/IMAP users who need to relay mail through
your SMTP server, you could reject all inbound Internet mail purporting to
be from yourdomain.com.

Info on SPF here:
http://en.wikipedia.org/wiki/Sender_Policy_Framework

Author
25 May 2009 2:27 PM
Rich Matheisen [MVP]
On Mon, 25 May 2009 03:07:02 -0700, Laljeev
<laljeevm@newsgroup.nospam> wrote:

>Hi
>
>We configured SPF record as below for domain sam.gov.sa
>
>v=spf1 mx mx:mail1.sam.gov.sa mx:mail.sam.gov.sa mx:mail2.sam.gov.sa
>mx:mx2.mex.net.sa ~all
>
>but still we are receiving many mails claiming to be from our own domain. The last
>mx record / server is with our ISP. Then how can we control this and what
>does this SPF really do for us?

If you're telling the world that your ISP is an authorized IP address
for sending email from your domain, and the spam is coming from the IP
address of the ISP's SMTP relay, then it's not unauthorized, is it?

Using a secondary MX makes using SPF (and SenderID) effectively very
difficult, if not downright impossible.

If you don't trust the ISP then remove the address from your SPF data.

You also use the "~" modifier instead of the "-" modifier. Is there a
reason you're doing that?

You don't say how you have your Exchange SenderID configured, either.
Do you reject email that appears to be forged, accept it and flag it,
or delete it? If you accept it and flag it, do you (or whatever you're
using for anti-spam) take that suspected forgery into account when
assessing the spaminess of the message?
---
Rich Matheisen
MCSE+I, Exchange MVP

Author
26 May 2009 7:27 PM
Pepe
Laljeev wrote:
> Hi
>
> We configured SPF record as below for domain sam.gov.sa
>
> v=spf1 mx mx:mail1.sam.gov.sa mx:mail.sam.gov.sa mx:mail2.sam.gov.sa
> mx:mx2.mex.net.sa ~all
>
> but still we are receiving many mails claiming to be from our own domain. The last
> mx record / server is with our ISP. Then how can we control this and what
> does this SPF really do for us?
>
> Can anyone help us to resolve this issue?
>
> Regards
> Lal

Are you using Exchange? If so, why don't you tell us which version, so
we have a chance to help you?

There may be gurus in this group, but I doubt they have any psychic
powers...

First thing, the syntax in your sample SPF record above is wrong. You
must enclose it between double quotes.

-------------Example--------------
UNIX $ host -t txt microsoft.com.
microsoft.com text "v=spf1 mx include:_spf-a.microsoft.com
include:_spf-b.microsoft.com include:_spf-c.microsoft.com
include:_spf-ssg-a.microsoft.com ip4:131.107.115.212 ip4:131.107.115.215
ip4:131.107.115.214 ip4:205.248.106.64 ip4:205.248.106.30
ip4:205.248.106.32 ~all"
------------End of example [*]--------

[*] In the example above, the SPF record is ONE SINGLE LINE between
double quotes, but my mail reader forces the line wraps.

Second thing, SPF as implemented by Microsoft in Exchange is called
SenderID.

Third, it is not enough for you to create a SPF record in DNS with valid
syntax. You ALSO have to tell your Exchange to check the SenderID on
incoming mail and to "reject on fail". That can only be set in Exchange
2003 with SP2 and in Exchange 2007, but it's done differently in each
one. As I don't know which version you are using, I shall stop here.
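
The points raised in Rich Matheisen's and Pepe's replies, as an added example that is not part of any post in the thread: a simplified SPF evaluation (only the mx, ip4 and all mechanisms) of the record from the question, followed by a receiver that rejects only on fail. The DNS data, the IP addresses (documentation ranges) and the `receiver_action` policy are constructed assumptions.

```python
import ipaddress

# Constructed DNS data; host names are from the thread, IPs are documentation ranges.
# mx:<name> does an MX lookup on <name>; this zone has MX records only for sam.gov.sa.
MX = {"sam.gov.sa": ["mail1.sam.gov.sa", "mail.sam.gov.sa",
                     "mail2.sam.gov.sa", "mx2.mex.net.sa"]}
A = {"mail1.sam.gov.sa": ["192.0.2.10"], "mail.sam.gov.sa": ["192.0.2.11"],
     "mail2.sam.gov.sa": ["192.0.2.12"],
     "mx2.mex.net.sa": ["198.51.100.25"]}  # ISP relay (constructed address)

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
RECORD = ("v=spf1 mx mx:mail1.sam.gov.sa mx:mail.sam.gov.sa "
          "mx:mail2.sam.gov.sa mx:mx2.mex.net.sa ~all")
STRICT = RECORD.replace("~all", "-all")  # same record with a hard fail


def mx_addresses(domain):
    """MX lookup on domain, then address lookup on each MX host returned."""
    return {ip for host in MX.get(domain, []) for ip in A.get(host, [])}


def check_host(ip, domain, record):
    """Evaluate mechanisms left to right; the first match decides the result."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in terms[1:]:
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        body = term[1:] if term[0] in QUALIFIERS else term
        name, _, arg = body.partition(":")
        name = name.lower()
        if name == "all":
            matched = True
        elif name == "mx":
            matched = str(addr) in mx_addresses(arg or domain)
        elif name == "ip4":
            matched = addr in ipaddress.ip_network(arg, strict=False)
        else:
            return "permerror"  # mechanism outside this simplified evaluator
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"  # nothing matched and the record has no "all"


def receiver_action(result):
    """Constructed inbound policy: reject only a hard fail, accept the rest."""
    return "reject" if result == "fail" else "accept"
```

A sender at the ISP relay address gets pass under either record, while an unlisted sender gets softfail (accepted) under `~all` and fail (rejected) under `-all`.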