mdemel Absent Member.
Absent Member.
1062 views

SPF record and outside network email client

SPF record and outside network email client


I have a gwava appliance setup as a middle man between our GroupWise server and the world. The problem is we just created an SPF record and now email clients (outside the network) are getting a send failure problem. Is there an option that when someone authenticates through the Gwava appliance to our mail server that it will accept the mail?
We have the "SMTP relay agent target server" setup under "Configure Server" with our GroupWise server and under the configure domains setup with our GroupWise server under the "SMTP server" list with "Receive mail/Authenticate".
I'm not sure what I'm missing and any direction would help.

Here is what's in the smtp log in gwava
[2r7e4gg][2] FEB-07 15:24:18 TLS started for connection with xxx.xxx.xxx.xxx
[2r7e4gg][2] FEB-07 15:24:19 Auth Login for: (mylogin@domain)
[2r7e4gg][2] FEB-07 15:24:19 Connecting to (our groupwise server), for (our groupwise server)
[2r7e4gg][2] FEB-07 15:24:19 Connected to server (our groupwise server) on port 25
[2r7e4gg][2] FEB-07 15:24:20 Received 504 byte message (16 lines)
[2r4lmrg][1] FEB-07 15:24:21 GWAVA scan started from SMTP thread: [2r7e4gg]
[2r4lmrg][2] FEB-07 15:24:21 GWAVA reports message should be blocked
[2r7e4gg][2] FEB-07 15:24:21 Message was blocked: spf
[2r7e4gg][1] FEB-07 15:24:23 Socket is closed
[2r7e4gg][1] FEB-07 15:24:23 => Socket write error: socket unavailable
[2r7e4gg][1] FEB-07 15:24:23 <= Socket read error: socket unavailable
[2r7e4gg][2] FEB-07 15:24:23 Client disconnected from xxx.xxx.xxx.xxx


Mail client message.
An error occurred while sending mail. The mail server responded: Message was blocked by server (GWAVA blocked: spf, reference ID: str=0001.0A020207.5C5CA52E.0052,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0). Please check the message and try again.
0 Likes
3 Replies
AutomaticReply Absent Member.
Absent Member.

Re: SPF record and outside network email client

mdemel,

It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.

These forums are peer-to-peer, best effort, volunteer run and that if your issue
is urgent or not getting a response, you might try one of the following options:

- Visit https://www.microfocus.com/support-and-services and search the knowledgebase and/or check
all the other self support options and support programs available.
- Open a service request: https://www.microfocus.com/support
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.microfocus.com)
- You might consider hiring a local partner to assist you.
https://www.partnernetprogram.com/partnerfinder/find.html

Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.microfocus.com/faq.php

Sometimes this automatic posting will alert someone that can respond.

If this is a reply to a duplicate posting or otherwise posted in error, please
ignore and accept our apologies and rest assured we will issue a stern reprimand
to our posting bot.

Good luck!

Your Micro Focus Forums Team
http://forums.microfocus.com



0 Likes
mdemel Absent Member.
Absent Member.

Re: SPF record and outside network email client

I ended up opening an SR and found out that there may be a bug in 6.5 that may be causing this problem but its no longer being supported so no fix and that SMG does not have the module to authentication yet (if I remember right) so it would not have mattered if I upgraded.:( I ended up opening a port and sending all my users direct to the GWIA. I also turned on forced authentication so that not just any Tom, Dick or Harry could send mail to our GWIA.
That is the only fix that I could come up with.
0 Likes
Knowledge Partner
Knowledge Partner

Re: SPF record and outside network email client

mdemel wrote:

> I ended
> up opening a port and sending all my users direct to the GWIA. I also
> turned on forced authentication so that not just any Tom, Dick or
> Harry could send mail to our GWIA.


If you have GWIA port 25 open to the world it *will* be found by
hackers and spammers. Even if you have forced authentication it won't
stop them from hammering away at your system trying various passwords
for a way in.

If your MX record(s) point to SMG you should open a unique high port
for GWIA access for your users who need it or maybe setup your router
to port forward a unique high port to GWIA at port 25.


--
Kevin Boyle - Knowledge Partner
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below this post.
Thank you.
_____
Kevin Boyle - Knowledge Partner - Calgary, Alberta, Canada
Who are the Knowledge Partners?
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.