configuration error in lists.isc.org

Lawrence K. Chen, P.Eng. lkchen at ksu.edu
Fri Aug 14 02:00:33 UTC 2015


On 2015-08-13 18:47, Reindl Harald wrote:
> Am 13.08.2015 um 23:15 schrieb Lawrence K. Chen, P.Eng.:
>> On 2015-08-10 17:12, Reindl Harald wrote:
>>> well, when you can't say from where you send mail you should refrain from
>>> setup SPF at all
>>> 
>> Except there are external forces that demand an SPF, and that it contain
>> specific strings at all times.  Namely Office365, the add domain to
>> tenant process can't be completed until things are just the way it wants.
> 
> no, no and no again
> 
> these are TXT records which have nothing to do with SPF and hence i am done
> with you talking about SPF
> 
> http://office365support.ca/adding-and-verifying-a-domain-for-the-new-office-365/
> 


#17 has the SPF record they need to verify at #20 before you can finish.

Since we had done this so we could start migration we switching things back.  
Though Microsoft had kept saying we start green, and maybe backfill 
later...since was little seamless with this switch. (except that I run ssl 
proxies so users can continue to do imap and pop3 using the old names, and 
our old webmail domain redirects them to O365 so they can be redirect a few 
more times through out SSO process...for which is which now...but we do one 
type and Microsoft takes the other, so there's a hop where they get Microsoft 
one from ours.

There was a time that I was doing ssl proxy for webmail, but those were 
darker times...

I strongly suspect that either the error that our required DNS fields were 
wrong, was more of a warning or that start over at #1 wasn't necessary.  
Namely, that we've our SPF is kind of bad now....

I counted 16 include:'s  The mailhop one contains 8, + itself makes 9.,  O365 
has 3 + 1, and qualtrics is an include to just a single include....to consume 
2.

Earlier today had a request to add another entry...didn't notice that how 
close the string was to 255? characters.

Not sure how I could possibly get the lookups to 10 (or less), without risky 
behavior...


-- 
Who: Lawrence K. Chen, P.Eng. - W0LKC - Sr. Unix Systems Administrator
                                    with LOPSA Professional Recognition.
For: Enterprise Server Technologies (EST) -- & SafeZone Ally



More information about the bind-users mailing list