202 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
 
Latest 7 Posts
WebSphere Application server: how reset a password from file registry using wsadmin
Wed, Dec 6th 2017 46
IBM Connections Engagement Center announced for IBM Conncetions Cloud: dont' miss the related Webinar next friday !
Wed, Nov 29th 2017 17
WebSphere Portal how to: Recover a WPSDB on derby with SQL status XJ040
Sun, Nov 26th 2017 10
WebSphere Portal: come far ripartire un Portale con WPSDB su derby in failed con stato SQL XJ040
Sun, Nov 26th 2017 10
IBM Connections 6.0 CR1 available for download
Tue, Nov 21st 2017 9
WebSphere How To: fix errore ADMG0011E while Application Server deletion
Wed, Nov 15th 2017 17
ICON UK Events: Around the Table - Nov 17 : Domino and Notes 10, Verse On Prem 1.0.3, Domino 9.0.1 Fp10 and more ! Replay available
Thu, Nov 9th 2017 13
Top 10
WebSphere Application server: how reset a password from file registry using wsadmin
Wed, Dec 6th 2017 46
How to configure Sametime 9 user photo from IBM Connections Profiles instead of ldap field
Fri, Mar 21st 2014 34
Set IBM Verse as desktop app on chrome
Thu, May 14th 2015 32
How to: configure multiple IBM Verse account on Android devices
Tue, Feb 23rd 2016 28
IBM Client application access 1.0.1 available for download
Sun, Jun 26th 2016 22
IBM mail support for Microsoft Outlook, V2.0 available for download
Tue, Jun 28th 2016 22
If you have trouble with SMTP delivery check PTR, SPF , DKIM and DMARC record of your domain
Wed, Sep 10th 2014 21
How to : install DB2 10.1 on Windows Server 2012 R2 in case of error Info 2896.Executing action ValidatePanelCA failed.
Sat, Dec 6th 2014 20
IBM Smartcloud Hybrid , setup an SMTP mail relay using the domino Passthru Server
Thu, Apr 23rd 2015 17
WebSphere How To: fix errore ADMG0011E while Application Server deletion
Wed, Nov 15th 2017 17


If you have trouble with SMTP delivery check PTR, SPF , DKIM and DMARC record of your domain
Twitter Google+ Facebook LinkedIn Addthis Email Gmail Flipboard Reddit Tumblr WhatsApp StumbleUpon Yammer Evernote Delicious
   

In last days I've worked on some customer SMTP delivery issue and i like to make a recap on settings I've check and modified..

PTR Record

The PRT record of  the SMTP internet relay is fundamental ! A lot of SMTP server who work as e-mail receiver first check if exist the reverse configuration of the ip address and if not drop the SMTP connection instantly without make any other check! This is because the PTR record isn't usually set on every IP and rarely is set on spammer SMTP servers.

SPF Record

The SPF (sender policy framework) record is a TXT record who declare the allowed IP addres sender by domain. If this record exist the SMTP receiver could check it and drop the e-mail received from others IP address.

For example if you like to set a SPF record who allow all your MX server to send internet mail you could set a SPF like this:
"v=spf1 mx -all"

On other environment if you like to set a IP range of SMTP server from 192.168.0.1 to 192.168.255.255 you could set a SPF like this:

"v=spf1 ip4:192.168.0.1/16 -all"


On this page you could find protocol directive and some examples and  on this page you could find online tool to check your record.


DKIM

Having a validated source of SMTP IP address could not be enough in case of IP spoofing so we could use a DomainKeys Identified Mail (DKIM) record.
To use Dkim your SMTP relay have to digitally sign the headed of every e-mail sent.and the corrisponded public key have to put on internet DNS on a TXT record.

For example on my msbiro.net domain I've created a TXT record named


msbiro._domainkey

with following value :

v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4HaRa97JsN7F9Np8bHhmBj06tCiwTucGPiPG5C4bZLmbCu1P5P12fExGzEkmZUy6hd4KwVPQVWgbcFvxZTOs5iA6TzxtQe6QCr2l0EX9AYtP5ykkA3HLlRmhAkmCJTsEh/kEEdLbP3LQ78RVk+E1ZLA//BPrDikRym3/EFvfhKwIDAQAB

v= is protocol version ,
k= is the encription algorithm used
p= is the public key associated on my domain

At this address you could find all info and  on this site you could find a test application to verify your TXT record.

NOTE: the use of DKIM is restricted to the use of an SMTP server that supports this technology. In this case I've used as SMTP gateway Scrollout F1, who is a SMTP appliance released on iso format available though GNU GPL licence.

DMARC

Dmarc (Domain-based Message Authentication, Reporting and Conformance) is another TXT record who could extend the possibility of SPF and DKIM record.
Through the record DMARC you can set a threshold percentage of messages that can fail the checking SPF or DKIM and tell the SMTP server if have to mark the failed e-mail as Junk  (entrusted) or if have to discard them.

The really handy feature of this record is that you set up a mailbox to which the SMTP server that receive messages, send a daily report in XML format containing the violations received on the policy DMARC of your domain.

An example of record DMARC coud be the following,

host :
_dmarc 
valore:
v=DMARC1; p=quarantine; pct=1; rua=mailto:postmaster@msbiro.net

v= is protocol version ,
p= represent the policy is to be applied 
pct=1 represents the percentage of messages subject to filtering and 1 says to monitor all the messages without imposing junk or drop 
rua= tells what address to send the report XML messages that fail the check.


The activation record dle DMARC it is advisable to increase, starting from the monitoring arriving up to 100% of the messages in the drop.

The advantage about implementation of  this record on  monitoring status is that that you can get the record with the sources of e-mails that violate the policy SPF or DKIM and thus be able to know whether to make adjustments to the routing of our e-mails.

On this page you could find the DMARC directive and on here you could find a tool to verify that  .


---------------------
http://blog.msbiro.net/2014/09/if-you-have-trouble-with-smtp-delivery-check-ptr-spf-dkim-and-dmarc-record.html
Sep 10, 2014
22 hits



Recent Blog Posts
46
WebSphere Application server: how reset a password from file registry using wsadmin
Wed, Dec 6th 2017 8:42a   Matteo Bisi
Sometimes it happens.. I had to login to a WebSpere DMGR but the password of the local administrator wasn't working as expected and there wasn't LDAP configured. One of the easy way you have to get back your Cell is reset the password of the local admin using wsadmin open a command promp on dmgr profile binwsadmin -conntype NONE$AdminTask changeFileRegistryAccountPassword {-userId waslocal -password ab12c34de}$AdminTask change Restart the JVM and you will be able to login with your waslocal
17
IBM Connections Engagement Center announced for IBM Conncetions Cloud: dont' miss the related Webinar next friday !
Wed, Nov 29th 2017 1:55p   Matteo Bisi
IBM Connections Engagement Center ( ICEC ) is a plattform that brings to IBM Connections some wcm feature we could usually find working with content management platfroms: Create and customize pagesAdd content and applications with widgets and APIsPersonalize content based on employee directory dataSimplify publishingIntegrate and administrate quickly and efficientlyICEC is already available for on-prem enviroment but now IBM has announced the availability for IBM Connections cloud too , click he
10
WebSphere Portal how to: Recover a WPSDB on derby with SQL status XJ040
Sun, Nov 26th 2017 12:56p   Matteo Bisi
Some days ago I've received a new ticket from one of my customers with a WebSphere portal unable to start due some issue on WPSDB. This was a dev environment so WPSDB was resident on local derby instance inside SystemOut.log this was the relevant error during Portal start Failed to start database 'C:/IBM/WebSphere/wp_profile/PortalServer/derby/wpsdb' with class loader com.ibm.ws.bootstrap.ExtClassLoader@5bfa5bfa, see the next exception for details.DSRA0010E: Stato SQL = XJ040, Codice erro
10
WebSphere Portal: come far ripartire un Portale con WPSDB su derby in failed con stato SQL XJ040
Sun, Nov 26th 2017 11:18a   Matteo Bisi
A seguito di un failure del sistema operativo รจ capitato ad un mio cliente che un WebSphere Portal di sviluppo, con WPSDB sul derby locale non riuscisse piu ad essere avviato. Nel SystemOut.log si riscontrava il seguente stato: Failed to start database 'C:/IBM/WebSphere/wp_profile/PortalServer/derby/wpsdb' with class loader com.ibm.ws.bootstrap.ExtClassLoader@5bfa5bfa, see the next exception for details.DSRA0010E: Stato SQL = XJ040, Codice errore = 40.000 Failed to start database 'C:/IB
9
IBM Connections 6.0 CR1 available for download
Tue, Nov 21st 2017 6:41p   Matteo Bisi
IBM has just released on fixcentral the new CR1 for Connections 6.0 that include all fixes released until now (Day 1 , June Update) with a lot of more update and optimizations Below some useful links and info: Click here for the complete fixlistHere the download linkTDIsol update available here Homepage and Activity database update available , check this technote for detailsIn case of rollback additional Websphere Enterprise Applications for Metrics need to be uninstalled before If you have C
17
WebSphere How To: fix errore ADMG0011E while Application Server deletion
Wed, Nov 15th 2017 11:16p   Matteo Bisi
Working on a WebSphere 8.5.0.2 environment I was unable to delete an Application server getting the error ADMG0011E: An error occurred while deleting the server. ADMG0011E: An unexpected exception occurred com.ibm.websphere.management.exception. AdminException: Exception in removeTargetFromCUs().. Inside DMGR and NodeAgent logs I wasn't able to find anything related but inside DMGR FFDC, folder I got a log generated during the deletion time frame with following exceptions: Caused by: com.ibm
13
ICON UK Events: Around the Table - Nov 17 : Domino and Notes 10, Verse On Prem 1.0.3, Domino 9.0.1 Fp10 and more ! Replay available
Thu, Nov 9th 2017 11:04p   Matteo Bisi
Today there was a really interesting webinar from the monthly ICON UK around the table webinar about IBM di Domino 10 announcement and others interesting topics. I really enjoyed the Q&A part with Barry Rosen Offering Manager IBM Collaboration SolutionUffe Sorensen Messaging and Collaboration DirectorThis are some of the response: Domino2025jam Jam will be mostly about the future after Domino10 but IBM will listen about request to better understand what community and customers needs an
5
IBM WebSphere 9 Java 8.0 Service Refresh 5 e problemi di sync allo scadere del token LTPA , come risolvere
Tue, Nov 7th 2017 11:00p   Matteo Bisi
Durante le ultime settimane , lavorando ad una nuova installazione di WebSphere Portal 9 su WebSphere Application server 9.0 FP4 mi sono imbattuto in strani problemi di sincronizzazione della cella WebSphere che accadevano dopo alcune ore di utilizzo. Dopo alcune analisi ho verificato che il problema accadeva allo scadere della durata del token LTPA e dopo aver inserito alcune trace abbiamo verificato questi tipi di errore Sul Node Agent: [11/3/17 17:05:35:849 CET] 0000006b AdminServiceI 3 i
8
IBM Docs 2.0 CR3 available for download
Wed, Nov 1st 2017 11:04a   Matteo Bisi
IBM has relased on fixcentral the new IBM Docs 2.0 CR3 with some very interesting update like Support for the Conversion Server on Linux and track changes functionality, to see who has modified what inside documents. This are othere features released in this upgrade: Enabled the Notification API of editing session start and end for 3rd party repository integration. Watermark with real time information can be customized in File Preview of Document and Spreadsheet files. Added Cell Protection s
5
IBM Jump Session: IBM Domino Applications on Cloud - 8 November 2017
Wed, Nov 1st 2017 10:56a   Matteo Bisi
As you probably know some weeks ago IBM has announced a new service named Domino Application on Cloud , to host customers application inside Domino Docker container on Bluemix. IBM Support has scheduled a Jump session on this topic for 8 November 2017 with the following key arguments: Introduction to the offeringHow it is structuredPre-requisitesConfigurationStart-up options This webinar is scheduled for: Date: Wednesday, November 8, 2017 Time: 10:00 AM EST (15:00 UTC/GMT, UTC-5 hours) for 60




Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition