Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Message Getting blocked for domain which do not pass SPF req

Can anybody help me out as some of the message Getting blocked for domain which do not pass SPF requirements and the blocked domains are already added in White List (Trusted Domains)

1 REPLY
Community Member

Sure can...

Nitin,

I'll help you out, so feel free to post some information.

However I'm going to take a stab at the problem. The biggest mistake that people make when adding a domain to the HAT White List is they put the domain name in without a period, example "example.com". From an IronPort perspective this would only match one host...the host with a PTR record for example.com and the A record that points back to the IP address.

What you want to do is insure that you have a period in front of the domain name, new example ".example.com". This entry basically says we'll take any FQDN with the domain of example.com so this would match mail1.example.com, www.example.com, outbound example.com, etc. etc.

The second mistake that people make with the HAT is that they are under the impression that they can put the domain name that will be utilized in the MAIL FROM in the conversation. So going back to the example.com domain, let's say that example.com has a business unit called abc.com but all the mail goes through mail1.example.com. What some users do is put abc.com into the HAT but the problem is the IronPort compares data in the HAT to the DNS information of the sending server.

So in the above problem the HAT will never see anything for abc.com because all the mail comes from mail1.example.com which would be the proper entry for the HAT file.

Hope this helps.

Sincerely,

Jay Bivens
IronPort Systems

173
Views
0
Helpful
1
Replies
CreatePlease to create content