• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Sender ID validation fails

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2003] >> Message Routing >> Sender ID validation fails Page: [1]
Login
Message << Older Topic   Newer Topic >>
Sender ID validation fails - 3.Jun.2011 7:12:59 PM   
berryguru

 

Posts: 52
Joined: 18.Feb.2010
Status: offline
I've got a client who is unable to email our organization. From the looks of the bounce back message, this has something to do with Sender ID validation.

mail.company.com #550 5.7.1 Sender ID (PRA) Not Permitted ##

We currently have the Sender ID validation set for 'Reject (the message will not be accepted; the sending party will be responsible for NDR generation)

The other options are:
Accept (the Sender ID status will be attached to the message for further anti-spam processing)

Delete (the message will be accepted and then deleted; no NDR will be sent back to the sender)

From what I gathered here, the Accept option would fix my issue. My question is, what are the repercussions of this or more so, what is recommended? Being that only one client has this problem, I would say the setting is correct.
Post #: 1
RE: Sender ID validation fails - 3.Jun.2011 7:46:53 PM   
alanhardisty

 

Posts: 389
Joined: 28.Feb.2010
Status: offline
The issue with you changing your settings to be able to receive the mail from this customer is that they are the ones who have the problem and should be fixing their configuration.

Sender ID is a way to check that the server sending mail on behalf of a company is actually permitted to send mail on behalf of that company. In this instance, the settings that they have configured are incorrect and the Sender ID Check fails.

If they correct their SPF record (Sender Policy Framework), then their problem should go away and you should be able to receive their emails.

An SPF record is a way for a company to publish the IP Addresses / mail server that are allowed to send mail for that domain - if they didn't have an SPF record - it wouldn't fail - it would pass, so they must have an incorrect SPF record i.e., one that does not include the IP Address that they are sending from.

_____________________________

Alan Hardisty

http://www.it-eye.co.uk
http://alanhardisty.wordpress.com
http://www.exchange-certificates.com

(in reply to berryguru)
Post #: 2
RE: Sender ID validation fails - 6.Jun.2011 4:48:31 PM   
berryguru

 

Posts: 52
Joined: 18.Feb.2010
Status: offline
Thank you so much for the reply Alan. I had a feeling it was on there end, but I wanted to be sure. I dug a little more on SPF and relayed the information to the other side having the problem. Once again, thanks for confirming. It's very much appreciated.

(in reply to alanhardisty)
Post #: 3
RE: Sender ID validation fails - 29.Jun.2011 4:48:04 PM   
EdgarTorres

 

Posts: 3
Joined: 29.Apr.2004
From: New York
Status: offline
There is some good information in this thread; however, I have a problem with the answer. While I agree that making a change for one customer is a bit drastic and [in most cases] unacceptable, let's look at ALL the facts, before we discard the problem to just one customer.

I came upon this thread, because I, too, am experiencing this problem. In reviewing the logs for my personal Exchange server, after realizing that I'm not receiving messages from my corporate server, I found that I'm not only rejecting messages from work, but also many sub-domains from companies like Chase, Citibank, Toys R Us, Macys, Home Depot and even Microsoft. Could these sub-domains be suspect? Sure. However...

In examining my corporate systems' SPF record, everything looks in tact. The messages are coming from a host that correctly resolves to one of our MX records. (The SPF record includes mx, two a: entries, a bunch of ip4: entries, an include: entry and ends in "-all.") Everything in the SPF record says that the host matches the Sender ID filtering query, so the messages should be accepted. (Granted, I have not performed the same level of troubleshooting for all affected domains.)

I suspect that there is a bug in the Sender ID implementation of Exchange 2007, but - of course - I have no way to confirm this.

Everyone seems to think that the simple solution is to simply disable Sender ID filtering. Because, in my case, it's not just one "customer" that is being rejected, I'm actually considering this course of action. However, what, exactly, will I lose by disabling the filter? After all, it was implemented for a reason.

Can anyone help? I'd greatly appreciate any input.

(in reply to berryguru)
Post #: 4
RE: Sender ID validation fails - 29.Jun.2011 4:56:51 PM   
berryguru

 

Posts: 52
Joined: 18.Feb.2010
Status: offline
I'm by no means an Exchange guru, but I do support and administer our Exchange server. I learn something everyday, especially as we prep to upgrade to Exchange 2010. Anyways... back to the issue at hand. I wouldn't recommend disabling the Sender ID filtering. I think you will have a large increase in spam. Can others confirm?

I too would be curious to what the workaround would be, if any at this point. I have explained the situation to my other party, and their Exchange guys are looking into it. I haven't not received any feedback, nor do I expect to get any back.

(in reply to EdgarTorres)
Post #: 5
RE: Sender ID validation fails - 29.Jun.2011 7:20:33 PM   
EdgarTorres

 

Posts: 3
Joined: 29.Apr.2004
From: New York
Status: offline
Hey, thanks for the quick response! I'm in the same boat as you. I used to do a lot of Exhange work, but have moved into a broader area, only managing my personal Exchange server, so I'm always learning.

I'm very interested in what others have to say. I'm going to post this topic to experts-exchange.com, to see if they have anything to add. If so, I'll post it here...

< Message edited by EdgarTorres -- 29.Jun.2011 7:22:06 PM >

(in reply to berryguru)
Post #: 6

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2003] >> Message Routing >> Sender ID validation fails Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter