553 validating sender

mail.#550 5.7.1 Sender ID (PRA) Not Permitted ## We currently have the Sender ID validation set for 'Reject (the message will not be accepted; the sending party will be responsible for NDR generation) The other options are: Accept (the Sender ID status will be attached to the message for further anti-spam processing) Delete (the message will be accepted and then deleted; no NDR will be sent back to the sender) From what I gathered here, the Accept option would fix my issue.

My question is, what are the repercussions of this or more so, what is recommended?

553 validating sender-75

I dug a little more on SPF and relayed the information to the other side having the problem. While I agree that making a change for one customer is a bit drastic and [in most cases] unacceptable, let's look at ALL the facts, before we discard the problem to just one customer. In examining my corporate systems' SPF record, everything looks in tact.

I came upon this thread, because I, too, am experiencing this problem. The messages are coming from a host that correctly resolves to one of our MX records.

In reviewing the logs for my personal Exchange server, after realizing that I'm not receiving messages from my corporate server, I found that I'm not only rejecting messages from work, but also many sub-domains from companies like Chase, Citibank, Toys R Us, Macys, Home Depot and even Microsoft. (The SPF record includes mx, two a: entries, a bunch of ip4: entries, an include: entry and ends in "-all.") Everything in the SPF record says that the host matches the Sender ID filtering query, so the messages should be accepted.

Sender ID is a way to check that the server sending mail on behalf of a company is actually permitted to send mail on behalf of that company.

In this instance, the settings that they have configured are incorrect and the Sender ID Check fails.

If they correct their SPF record (Sender Policy Framework), then their problem should go away and you should be able to receive their emails.

An SPF record is a way for a company to publish the IP Addresses / mail server that are allowed to send mail for that domain - if they didn't have an SPF record - it wouldn't fail - it would pass, so they must have an incorrect SPF record i.e., one that does not include the IP Address that they are sending from. I had a feeling it was on there end, but I wanted to be sure. There is some good information in this thread; however, I have a problem with the answer.

Sender Policy Framework (SPF) records allow domain owners to publish a list of IP addresses or subnets that are authorized to send email on their behalf.

The goal is to reduce the amount of spam and fraud by making it much harder for malicious senders to disguise their identity.

I've got a client who is unable to email our organization.

From the looks of the bounce back message, this has something to do with Sender ID validation.

Tags: , ,