ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    How to receive e-mail alerts from internal devices

    IT Discussion
    smtp smtp relay postfix log management email alerts
    6
    51
    4.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JaredBusch @Obsolesce
      last edited by

      @tim_g said in How to receive e-mail alerts from internal devices:

      @jaredbusch said in How to receive e-mail alerts from internal devices:

      @tim_g said in How to receive e-mail alerts from internal devices:

      So what I"m thinking, is that unless the outgoing email server is a trusted server, O365 won't allow it into it's system to be delivered to my email.

      This is impossible, well not technically impossible, but would never be implemented. How are you defining trusted? SPF? See my above reply. Because what if I have no SPF record and I have internal Exchange at my Jared's Fucking Consulting Services? Are you saying that you will not receive my email?

      But if i set up some outgoing email server myself, and try to send an email from me@gmail.com to me@outlook.com, I believe O365 will not let it through.

      I do not recall what services were tested other than Gmail, but yes, it will.

      Your work domain will not because you have specifically told it to use SPF I assume.

      This is a different issue than someone trying to send form a company email to a company email.

      Okay I think I understand now.

      It's different for me because I am specifically taking steps to block emails whose "from address" is not from a verified server... meaning if someone sends an email from someone@gmail.com, it will be blocked unless it actually came from a gmail.com email server?

      Assuming that gmail.com is actually companydomain.com, yes you are correct.

      1 Reply Last reply Reply Quote 0
      • Z
        zachary715
        last edited by

        Yes we have our SPF record setup that if I try to send these alerts via UPS@mydomain.com, it will get blocked. I don't require it to be from my domain though at this time. I'm perfectly satisfied with it being from internaldomain.local just as long as I get the reports I need.

        O 1 Reply Last reply Reply Quote 0
        • O
          Obsolesce @zachary715
          last edited by

          @zachary715 said in How to receive e-mail alerts from internal devices:

          Yes we have our SPF record setup that if I try to send these alerts via UPS@mydomain.com, it will get blocked. I don't require it to be from my domain though at this time. I'm perfectly satisfied with it being from internaldomain.local just as long as I get the reports I need.

          Yeah then you won't need any authentication.

          1 Reply Last reply Reply Quote 0
          • J
            JaredBusch
            last edited by

            @Tim_G I just changed my laptop's dnf-automatic setting as follows.

            0_1521731675450_421f29a8-23e2-4a45-84bb-02d4f742d614-image.png

            The server there is in my colo and is in the SPF for my company domain bundystl.com but obviously, I cannot change Gmail's SPF.

            0_1521731785434_6861af55-e029-4f05-991b-f3769686b0ee-image.png

            Now Google did soft check it.
            But it still hit my inbox.
            0_1521731839292_b78664c3-6bff-489d-8d59-e20f9d6b6220-image.png

            0_1521731872094_1e8423e3-29dd-4264-a9a1-a84dc079f193-image.png

            Here is the full header (redacted).

            Delivered-To: sorvani@gmail.com
            Received: by 10.103.62.65 with SMTP id l62csp1114442vsa;
                    Thu, 22 Mar 2018 08:08:41 -0700 (PDT)
            X-Google-Smtp-Source: AG47ELs+6VQ7n+SHAtV9m4uOLgmv8vpQF4hFx6jJTiF0/7+D9fL9bUtFWE0UcMw1/FJjmE/+6IvQ
            X-Received: by 2002:a24:bcc4:: with SMTP id n187-v6mr9355606ite.26.1521731321402;
                    Thu, 22 Mar 2018 08:08:41 -0700 (PDT)
            ARC-Seal: i=1; a=rsa-sha256; t=1521731321; cv=none;
                    d=google.com; s=arc-20160816;
                    b=URXPlYi9YdJzlBGcevx/J53Ip1Ht0MP05i0n2WK1dXHbCYaXtmqG416NR0wlVWAe8Q
                     mPTRB99J1AY6vo74dlJvDDQ9Fuj2AIndnq6zYztk0IMYa5Qfr0ZZvkXM67OBqrvsczdh
                     3jScUQfbkfqoTktrNnwgtNz8Q20eYuTKbtbC5lSjRCBjzeIMg1NY4tTcw1xqgs3KvLKe
                     SmT4s9pjux6vr5/7QOmCQyff0rTSgEhqF/l9tdrQI3BN3uwkSIAvqAKeW8MiX/p/wTKS
                     C+HhTNgqQpFswivTfoXjaFUpOsfpGsvPj5DYnKeXD6pXfw7eObwGopdUKb2AV/ix+3Hw
                     PzfQ==
            ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
                    h=message-id:to:subject:from:date:content-transfer-encoding
                     :mime-version:arc-authentication-results;
                    bh=q5rj1FQFBZzNVe2kH8xvcqgQOwTh8q2EHL6ugR/7+BY=;
                    b=Up+IsW9uxbxk3HQiojNEPiWZ6Vv88Y91fA07To2N+5jVZkuJATk0rPYu20hvG7Mr6O
                     J/nEVoKT98hFhmwXasHupRvqIIJWr/u5zHrA77hADKCXGN6xbSvotp2TBH9wrtIsWKbx
                     EwREMYwi05cSNFpeEe67UeskvWvOK2ex1OcTTtyg1FEoN33OHajOe5x4BEy5a4WjR2b6
                     ru2WKdQniQO7mzOUUw5zykTY9EuokThOMBxpLOgPlMiXdppt91x4bmlapxnfa9RgKCsC
                     xPhp++C81ziNMps+82mhYds8VJgoOXmpuadtVu8tjPRC/WNOdAVNWgU43dG+jl5Pa8XS
                     jxrQ==
            ARC-Authentication-Results: i=1; mx.google.com;
                   spf=softfail (google.com: domain of transitioning sorvani@gmail.com does not designate 207.XXX.XXX.XXX as permitted sender) smtp.mailfrom=sorvani@gmail.com;
                   dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
            Return-Path: <sorvani@gmail.com>
            Received: from postfix.ad.domain.com (remote.domain.com. [207.XXX.XXX.XXX])
                    by mx.google.com with ESMTPS id u71-v6si5370770ita.89.2018.03.22.08.08.41
                    for <sorvani@gmail.com>
                    (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
                    Thu, 22 Mar 2018 08:08:41 -0700 (PDT)
            Received-SPF: softfail (google.com: domain of transitioning sorvani@gmail.com does not designate 207.XXX.XXX.XXX as permitted sender) client-ip=207.XXX.XXX.XXX;
            Authentication-Results: mx.google.com;
                   spf=softfail (google.com: domain of transitioning sorvani@gmail.com does not designate 207.XXX.XXX.XXX as permitted sender) smtp.mailfrom=sorvani@gmail.com;
                   dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
            Received: from lt-jared.jaredbusch.com (unknown [10.254.103.22]) by postfix.ad.domain.com (Postfix) with ESMTP id EB72BC0C7991 for <sorvani@gmail.com>; Thu, 22 Mar 2018 10:08:39 -0500 (CDT)
            MIME-Version: 1.0
            Content-Transfer-Encoding: 7bit
            Content-Type: text/plain; charset="utf-8"
            Date: Thu, 22 Mar 2018 15:08:39 -0000
            From: sorvani@gmail.com
            Subject: Updates applied on 'lt-jared.jaredbusch.com'.
            To: sorvani@gmail.com
            Message-ID: <152173131956.27006.3260010512062988891@lt-jared.jaredbusch.com>
            
            O 1 Reply Last reply Reply Quote 1
            • J
              JaredBusch
              last edited by JaredBusch

              I should have turned off the actual apply of the updates. then I could have reran it with various email settings.

              1 Reply Last reply Reply Quote 0
              • O
                Obsolesce @JaredBusch
                last edited by Obsolesce

                @jaredbusch

                Yes, this is exactly what I was talking about:
                0_1521732498256_846c027a-04dd-41ef-a72a-98ac4ca7732e-image.png

                Which can be seen here:
                0_1521732532850_c9bd686c-54be-4c92-80e1-7c33d0ebc5da-image.png

                I wasn't aware Google/MS allow that kind of thing through, but at least it's warning you.

                This is why I use the O365 relay, to make the emails "official or legit".

                J 1 Reply Last reply Reply Quote 0
                • J
                  JaredBusch @Obsolesce
                  last edited by

                  @tim_g said in How to receive e-mail alerts from internal devices:

                  @jaredbusch

                  Yes, this is exactly what I was talking about:
                  0_1521732498256_846c027a-04dd-41ef-a72a-98ac4ca7732e-image.png

                  Which can be seen here:
                  0_1521732532850_c9bd686c-54be-4c92-80e1-7c33d0ebc5da-image.png

                  I wasn't aware Google/MS allow that kind of thing through, but at least it's warning you.

                  This is why I use the O365 relay, to make the emails "official or legit".

                  Right, normally, I had my laptop sending from bundystl.com to bundystl.com and it is in the SPF. So always legit. Still not authenticated, but I do have the IP in as a connector in O365.

                  O 1 Reply Last reply Reply Quote 1
                  • O
                    Obsolesce @JaredBusch
                    last edited by

                    @jaredbusch said in How to receive e-mail alerts from internal devices:

                    but I do have the IP in as a connector in O365

                    Right, this is what I meant earlier as needing to happen to "allow it".

                    1 Reply Last reply Reply Quote 0
                    • Z
                      zachary715
                      last edited by

                      Do you guys go beyond the SPF records and also implement DKIM or DMARC? I've looked into these briefly but not much. DKIM looks fairly straightforward with Office 365.

                      O J 2 Replies Last reply Reply Quote 0
                      • O
                        Obsolesce @zachary715
                        last edited by

                        @zachary715 said in How to receive e-mail alerts from internal devices:

                        Do you guys go beyond the SPF records and also implement DKIM or DMARC? I've looked into these briefly but not much. DKIM looks fairly straightforward with Office 365.

                        Looked into DKIM a little, but not implemented it (yet).

                        1 Reply Last reply Reply Quote 0
                        • J
                          JaredBusch @zachary715
                          last edited by

                          @zachary715 said in How to receive e-mail alerts from internal devices:

                          Do you guys go beyond the SPF records and also implement DKIM or DMARC? I've looked into these briefly but not much. DKIM looks fairly straightforward with Office 365.

                          I've checked them both. I will not implement DKIM anytime soon. It adds little on top of SPF.

                          DMARC is a layer on top of SPF and/or DKIM you cannot use DMARC without one of the other in place.

                          All DMARC does is tell the recipient system what to do with a message that fails the SPF/DKIM check. Instead of letting the recipient system decide what to do about it.

                          1 Reply Last reply Reply Quote 3
                          • 1
                          • 2
                          • 3
                          • 3 / 3
                          • First post
                            Last post