Search This Blog

SPF (Sender Policy Framework) Deployment

After testing the outgoing email server, I find my outgoing server is missing the SPF record.  By looking at the Sender Policy Framework site, the deployment is fairly simple if you can edit your DNS records.  The web site provides the wizard to create the SPF record.  Once the SPF record is created, just add it to your domain’s TXT record.  And rerun the outgoing email test to verify the deployment.

Test Outgoing Email Server with Some of the “Best Practices”

While searching the greylisting topic about email delivery problem, I find the “All About Spam” web site offers an outgoing email server test page.  It’s a useful tool to learn about your email server compliance; and its report also provides the information on what you can do to make your email not been blocked by the recipient email server.

All About Spam Email Server Test Page can test your outgoing email server with the following technologies/RFC compliance:

  1. HELO Greeting
  2. Reverse DNS
  3. DNSBL (RBL)
  4. SPF
  5. Domain Keys
  6. SPAMAssassin Content Checks
  7. BATV (Bounce Address Tag Validation)
  8. Greylisting
  9. URIBL

Testing Process

  1. Send an Email to test@allaboutspam.com
  2. That email will bounce with a URL in the bounce message.
  3. Either click on the URL or Copy/paste the URL in a browser.
  4. You will see report on your Email Server.

Greylisting – Use Against E-mail Spam

Definition: In name, as well as operation, greylisting is related to whitelisting and blacklisting. What happen is that each time a given mailbox receives an email from an unknown contact (ip), that mail is rejected with a "try again later"-message (This happens at the SMTP layer and is transparent to the end user). This, in the short run, means that all mail gets delayed at least until the sender tries again - but this is where spam loses out! Most spam is not sent out using RFC compliant MTAs; the spamming software will not try again later.

Source: http://www.greylisting.org/

DNS Lookup Tool - DIG

A windows version of dig can be downloaded at http://www.isc.org/downloads.

Example commands:

  • dig abc.com
  • dig abc.com any
  • dig abc.com ns
  • dig abc.com mx
  • dig abc.com any @dns-server

Remove IT Policy from a BlackBerry Smartphone

There are many methods to remove an IT policy from a BlackBerry smartphone.  See this KB for more details.  Here is the easiest method (I think) – using loader.exe.

  1. Connect the smartphone to the computer.
    From the Start menu, click Programs > Accessories > Command Prompt.
    Note: When a computer running Windows Vista™ or Windows 7 is used, the user might need to right-click the Command Prompt application and choose Run as administrator.
  2. Find the Apploader folder by typing cd C:\Program Files\Common Files\Research In Motion\Apploader and then pressing ENTER.
    Note: For computers using a 64-bit version of Windows, navigate to C:\Program Files (x86)\Common Files\Research In Motion\Apploader.
  3. Type loader.exe /resettofactory.
  4. Type the BlackBerry smartphone password if prompted.

Exchange Server Licensing

  • One Exchange server license per Exchange server
  • Exchange Standard v.s Enterprise edition:
    • 5 databases per Standard edition
    • 100 databases per Enterprise edition
    • For database availability group (DAG), do not need Exchange Enterprise edition; however, must have Windows Server 2008 or Windows Server 2008 R2 Enterprise edition.
  • One client access license (CAL) per user
  • Standard v.s. Enterprise CAL:
    • Enterprise CALs are add-ons to Standard CALs.  To buy Enterprise CALs must buy the amount of Standard CALs.
    • Enterprise CAL features:

Use WinSCP to Transfer Files in vCSA 6.7

This is a quick update on my previous post “ Use WinSCP to Transfer Files in vCSA 6.5 ”. When I try the same SFTP server setting in vCSA 6.7...