Educause Security Discussion mailing list archives
Re: Does anyone know how Verizon's outbound, external mail (port 587) is going to work?
From: Derek Diget <derek.diget+educause-security () WMICH EDU>
Date: Thu, 24 Sep 2009 12:31:10 -0400
On Sep 24, 2009 at 11:52 -0400, Dennis Meharchand wrote: =>Because we implemented SPF (Sender Policy Framework) - to mitigate our email =>addresses from being spoofed with SPAM and Malware (we are a security =>company) - our emails get rejected when sent to email servers looking for =>SPF implementation. => =>If you have implemented SPF records you may run into problems using 587 for =>sends. I am no SPF expert.....but if your e-mail submission is done correctly you shouldn't have any problems with a SPF record ending in -all. So, define "using 587"? If you mean your user's (e-mail address using your domain) are using their "home" ISP's message submission agent (MSA) or some other MSA than your own via port 587, then, yeah, you sill have SPF problems without listing/including all of the possible places their e-mail can source from in your SPF record. (Which to me would be a never ending game of whack-a-mole.) What should happen is that your user's submit messages using _your_ MSA via port 587. Then you just have to include that system in your SPF record. And for all of the hotels and other captive networks that block everything except port 80/443....Per IETF Best Common Practice 134 (RFC 5068), section 4.1, "Access Providers MUST NOT block users from accessing the external Internet using the SUBMISSION port 587 [RFC4409]." -- *********************************************************************** Derek Diget Office of Information Technology Western Michigan University - Kalamazoo Michigan USA - www.wmich.edu/ ***********************************************************************
Current thread:
- Does anyone know how Verizon's outbound, external mail (port 587) is going to work? Peter Charbonneau (Sep 24)
- <Possible follow-ups>
- Re: Does anyone know how Verizon's outbound, external mail (port 587) is going to work? Raw, Randy (Sep 24)
- Re: Does anyone know how Verizon's outbound, external mail (port 587) is going to work? Ken Connelly (Sep 24)
- Re: Does anyone know how Verizon's outbound, external mail (port 587) is going to work? Brad Judy (Sep 24)
- Re: Does anyone know how Verizon's outbound, external mail (port 587) is going to work? Don M. Blumenthal (Sep 24)
- Re: Does anyone know how Verizon's outbound, external mail (port 587) is going to work? Gary Dobbins (Sep 24)
- Re: Does anyone know how Verizon's outbound, external mail (port 587) is going to work? Doty, Timothy T. (Sep 24)
- Re: Does anyone know how Verizon's outbound, external mail (port 587) is going to work? Derek Diget (Sep 24)
- Re: Does anyone know how Verizon's outbound, external mail (port 587) is going to work? Dennis Meharchand (Sep 24)
- Re: Does anyone know how Verizon's outbound, external mail (port 587) is going to work? Derek Diget (Sep 24)
- Re: Does anyone know how Verizon's outbound, external mail (port 587) is going to work? Valdis Kletnieks (Sep 25)
- Re: Does anyone know how Verizon's outbound, external mail (port 587) is going to work? Jesse Thompson (Sep 25)