User comments on ISPs
  >> Zen Internet


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | 2 | 3 | 4 | 5 | 6 | 7 | (show all)   Print Thread
Standard User Ohmygawd
(newbie) Fri 04-Aug-17 22:42:05
Print Post

Zen Internet SPF & Forwarding


[link to this post]
 
I noticed today that emails seemed very thin on the ground and my wife hadn't received an email she was expecting so after much head scratching I thought I'd have a look at the Status and Service Alerts pages on the Zen portal. Found this service alert;
From Thursday 3 August Zen's mail servers will be honoring SPF records as published by sending domains.
Where SPF experiences a SPF FAIL we will reject this email.
If emails are getting rejected for failing SPF we advise to check and confirm your SPF records are adequate for your domain.
For domains held with Zen please call our Support teams who can offer assistance.
Posted: Thu, 03/08/2017 15:49 by Paul Stead

I own two domains and for years I have had these set up as forwarders, sending all email from about 6 separate email addresses to the Zen mail server and I can then pick them all up using Outlook. This is now just about impossible and I've found that a number of important emails have bounced back to clients without me knowing. Zen support told me to add a SPF record to my domains but this has had no effect and I can't see how it would work with forwarding.

I'm fairly brassed off at this but hey ho, that's the internet. However, what I'd really like is a solution, has anyone else experienced this and found a workaround? The only temporary solution I've found if to forward the emails to a Gmail account that obviously doesn't use SPF, but it's not ideal. I've done some research and the concensus seems to be that SPF [censored] up forwarding and there isn't a solution but I'm open to any ideas.
Standard User caffn8me
(eat-sleep-adslguide) Sat 05-Aug-17 08:54:43
Print Post

Re: Zen Internet SPF & Forwarding


[re: Ohmygawd] [link to this post]
 
What SPF does is to specify which mail servers are permitted to send email from a particular domain. What you seem to be having problems with is receiving email from other domains. If the email is being sent to one of the domains you use, your SPF records are irrelevant. Forwarding is not part of the problem.

It sounds to me as thought Zen has now implemented DMARC, which is good practice (and on my to-do list), and that the people who are sending to you are using mail servers which don't accord with their domain's SPF records. This is quite likely when people have mobile devices which only ever use one authenticated SMTP server for sending for all their accounts.

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs
Standard User BatBoy
(sensei) Sat 05-Aug-17 09:08:23
Print Post

Re: Zen Internet SPF & Forwarding


[re: Ohmygawd] [link to this post]
 
I also found that SPF was broken by forwarding which led me to migrating from my own mail server to Google mail instead.


Register (or login) on our website and you will not see this ad.

Standard User caffn8me
(eat-sleep-adslguide) Sat 05-Aug-17 09:14:47
Print Post

Re: Zen Internet SPF & Forwarding


[re: BatBoy] [link to this post]
 
Got it. The senders may have valid SPF records for their domains but then email gets forwarded by the receiving domain registrar's server to Zen. Zen sees this as being email coming from the receiving domain registrar's server and not an authorized server for the sending domain.

The solution is to host email accounts on the MX server for the receiving domain or change the MX record for that domain to Zen - with Zen's support.

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs
Standard User jchamier
(eat-sleep-adslguide) Sat 05-Aug-17 09:49:00
Print Post

Re: Zen Internet SPF & Forwarding


[re: caffn8me] [link to this post]
 
In reply to a post by caffn8me:
The solution is to host email accounts on the MX server for the receiving domain or change the MX record for that domain to Zen - with Zen's support.


Yes SPF, and DMARC essentially remove some of the legacy flexibility of the SMTP protocol. However since pretty much every email mailbox has a sending server alongside, its not a hard one to resolve. The places where it has broken down is where you had £1 webhosts offering incoming email mailboxes without an SMTP server.

Anyone whom runs their own domain can configure SPF as they like, and/or choose to implement DMARC.

They seem to work in improving the mails delivered successfully stats . Anyone whom sends emails to the big USA ISPs will find they need both or the mail is blackholed frown

plusnet unlimited fibre 80/20 - 2 Jun 14 - Sync at 28/Jul/17: 64,899/9,065 - G.INP & 3.3 dB SNRm
18 years of UK broadband since 1999 ntl:cable modem trial - Asus RT-AC68U and HG612 - BQM
Standard User jchamier
(eat-sleep-adslguide) Sat 05-Aug-17 09:51:03
Print Post

Re: Zen Internet SPF & Forwarding


[re: Ohmygawd] [link to this post]
 
In reply to a post by Ohmygawd:
I own two domains and for years I have had these set up as forwarders, sending all email from about 6 separate email addresses to the Zen mail server and I can then pick them all up using Outlook..


Perhaps the domain name company can supply a POP/IMAP mail server, and you can route your addresses on your two domains to that server. Then no forwarding required.

With the advantage that if you were to change ISP you wouldn't need to adjust anything.

plusnet unlimited fibre 80/20 - 2 Jun 14 - Sync at 28/Jul/17: 64,899/9,065 - G.INP & 3.3 dB SNRm
18 years of UK broadband since 1999 ntl:cable modem trial - Asus RT-AC68U and HG612 - BQM
Standard User BatBoy
(sensei) Sat 05-Aug-17 10:11:12
Print Post

Re: Zen Internet SPF & Forwarding


[re: BatBoy] [link to this post]
 
From 10 years ago http://www.openspf.org/FAQ/Forwarding
Standard User Ohmygawd
(newbie) Sat 05-Aug-17 15:58:04
Print Post

Re: Zen Internet SPF & Forwarding


[re: BatBoy] [link to this post]
 
Here's the response from Zen, pretty much confirms what I thought, I cannot continue to use forwarding.

Thanks for getting in touch. The only way to enable forwarding of emails without rejection by us is for the forwarding mail server to enable sender rewriting, which would resolve the issue:

- http://www.openspf.org/SRS
- https://en.wikipedia.org/wiki/Sender_Rewriting_Scheme

So it may be worth asking your domain provider if they would be willing to do this. Alternatively you would likely need to disable forwarding and collect the mail from somewhere directly.

The current issue is being caused by the fact that the forwarding email server is technically impersonating the original sender addresses when it forwards the message. If the sender domain has an SPF record present, telling us to reject any emails from their domain name which haven't been sent from their mail server, we will now do so.


I've now sorted out POP3 and smtp with my web hosting company who were very helpful and efficient so the issue is now resolved. I'm still a bit narked that Zen didn't seem to realise what a devastating effect this policy implementation would have on any customer who is using forwarding and I strongly expect there are number of users out there who are wondering why they are no longer receiving many emails. The odd thing is that some emails were getting through, just enough to make you think there's nothing wrong.
Standard User BatBoy
(sensei) Sat 05-Aug-17 16:16:35
Print Post

Re: Zen Internet SPF & Forwarding


[re: Ohmygawd] [link to this post]
 
I think this quote is typical of the broke philosophy of SPF "If your forwarding runs through a commercial service like pobox.com, you shouldn't have to do anything. They have to change with the times, and perform the above rewriting automatically for you."
Standard User jchamier
(eat-sleep-adslguide) Sat 05-Aug-17 17:26:34
Print Post

Re: Zen Internet SPF & Forwarding


[re: BatBoy] [link to this post]
 
SPF is a "solution" created by the big boys (AOL, verizon, and similar) whom handle tens of millions of mailboxes and even a 0.5% decrease in spam is a significant reduction in their costs (CPU, storage, heat, electric, A/C etc).

Yes, by design SPF and latterly DMARC, break the flexible nature of the 1970s SMTP standard, but its now ~40 years later, and the network is no longer a cooperation of universities but has all forms of human life.

We now need locks on our doors, and policemen in the street. Things change.

Nobody has to accept SMTP mail sent at them, like you don't have to have a letter box in your door. smile

plusnet unlimited fibre 80/20 - 2 Jun 14 - Sync at 28/Jul/17: 64,899/9,065 - G.INP & 3.3 dB SNRm
18 years of UK broadband since 1999 ntl:cable modem trial - Asus RT-AC68U and HG612 - BQM
Pages in this thread: 1 | 2 | 3 | 4 | 5 | 6 | 7 | (show all)   Print Thread

Jump to