November Happy Hour will be moved to Thursday December 5th.

AI OnAI Off

IP domain

Vote:
 

Hi, another question: How is spam filtering caused by missmatches on sender's domain and sender's IP handled? It's the EPiServer service that sends the mail, but the from address typically contains the sender's domain. When the mail client sees that the sender's domain doesn't match the sender's domain it could concider the mail as spam. Is that handled in any way?

BR/Tomas Eld

 

#37310
Mar 02, 2010 15:02
Håkan Lindqvist
Håkan Lindqvist
Vote:
 

 

Traditionally there has been no way of knowing which mail servers are expected to send mail with a specific domain name in the sender address.
As hosted mail solutions are (and have been) quite common, I wouldn't consider matching the domain name in the sender address to the claimed hostname or reverse DNS record of the sending mail server to be a particularly good metric for spaminess.
Enter SPF. With SPF the owner of a domain name can add a special record in DNS which explicitly states which mail servers are allowed to send mail with From addresses in that domain.
Receiving mail servers can just look up the SPF record of the domain used in the address of the sender and if there is one, they can then verify that the sending mail server is listed as allowed to send mail for that domain.
What SPF is normally verifying is the envelope sender address (MAIL FROM during SMTP communication) rather than the header From address (displayed in the Mail User Agent) that is verified in SPF.
The EPiServer Mail service sends all mail with an envelope sender address somewhere in  *@*.episervermail.episerver.com, while the header From address is specified by the EPiServer Mail user, so normally SPF is not an issue.
In cases where SPF turns out to be an issue there is a simple solution available, we provide an SPF record containing a list of IP addresses used by the EPiServer Mail service when delivering mail, so a customer can use the "include" directive in their own SPF record to add our record as part of their own (see http://world.episerver.com/Documentation/Items/Installation-Instructions/EPiServer-Mail1/Installation-Instructions---EPiServer-Mail-441/ for details).

Eg, an existing record "v=spf1 mx ip4:1.2.3.4 -all" would

 

be changed to "v=spf1 mx ip4:1.2.3.4 include:_cluster1.episervermail.episerver.com -all".

I'll try to explain the general situation:

 

Traditionally there has been no way of knowing which mail servers are expected (or allowed) to send mail with a specific domain name in the sender address.
As hosted mail solutions are (and have been) quite common, I wouldn't consider matching the domain name in the sender address to the claimed hostname or reverse DNS record of the sending mail server to be a particularly good metric for spaminess.


Enter SPF. With SPF the owner of a domain name can add a special record in DNS which explicitly states which mail servers are allowed to deliver mail from addresses in that domain. Receiving mail servers can just look up the SPF record of the domain used in the address of the sender and if there is one, they can then verify that the sending mail server is listed as allowed to send mail for that domain.


However, SPF is normally used for verifying the envelope sender address (MAIL FROM during SMTP communication) rather than the mail header From address (displayed by the Mail User Agent).
The EPiServer Mail service sends mail with an envelope sender address somewhere in the *.episervermail.episerver.com domain (so that any bounces can be collected by the service rather than arriving in the inbox of the sender), while the header From address is specified by the EPiServer Mail user, so normally SPF is not actually an issue in the first place.


In cases where SPF turns out to be an issue or if you just want to guard against any potential issue that may arise there is a simple solution available: we maintain an SPF record containing a list of IP addresses used by the EPiServer Mail service for delivering mail, so a customer can use the "include" directive in their own SPF record to add our record as part of their own (see http://world.episerver.com/Documentation/Items/Installation-Instructions/EPiServer-Mail1/Installation-Instructions---EPiServer-Mail-441/ for details).

Eg, an existing record "v=spf1 mx ip4:1.2.3.4 -all" would be changed to "v=spf1 mx ip4:1.2.3.4 include:_cluster1.episervermail.episerver.com -all".

 

/Håkan

#37331
Edited, Mar 03, 2010 10:42
Vote:
 

Thanks'a lot!

The customer's technicians had this as a big issue. I get what you're saying about the MAIL FROM, so that would make this a non-issue, but if there would be a problem we can look at the SPF record.

Thank's again for a quick and insightful response!

Best regars/Tomas

 

#37340
Mar 03, 2010 14:42
This thread is locked and should be used for reference only. Please use the Legacy add-ons forum to open new discussions.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.