Microsoft 365 and Office | Subscription, account, billing | For home | Windows
Microsoft 365 features that help users manage their subscriptions, account settings, and billing information.
Hi Tris,
Any updates?
Thanks,
Sam
SPF - Spoofed E-Mails False Positives
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
Hi
I have Office 365 set up for a client
They are using the Office 365 Exchange, but their website is hosted on my server with a general website and an online shop system (OpenCart)
The online shop emails orders to a specific mailbox (naturally on the Office 365 Exchange)
However all e-mails from the OpenCart shop are classed as Junk mail marked as;
[This sender failed our fraud detection checks and may not be who they appear to be. Learn about spoofing at http://aka.ms/LearnAboutSpoofing]
I would suspect this check would be using SPF as that's the only way to see if an email source is authorised to send emails on behalf of the domain.
the DNS are on my server... naturally I added the Microsoft SPF settings as requested when setting up Office 365 Exchange
I also left on the correct IP for the webserver hosting the OpenCart system, I have checked the emails coming in that they are from that IP too and they are.
Does Microsoft have a hidden alternative SPF list or use the one on your DNS settings?
Have I missed something?
MY SPF settings are;
v=spf1 include:spf.protection.outlook.com include:servers.mcsv.net ip4:217.xxx.xxx.xxx-all
In the email received header I see this line that looks most relevant;
Authentication-Results: spf=none (sender IP is 217**.xxx.xxx.xxx**)
smtp.mailfrom=dsXXXX.dedicated.turbodns.co.uk; domain.co.uk;
Obviously the bits in bold have been edited for protection, but the 217.xxx.xxx.xxx match precisely. I don't quite get why it says 'spf=none'??
do I need to add in the actual domains to? confused as they would just resolve to the IP already listed?
Any Help gratefully appreciated
thanks
Tristan
Microsoft 365 and Office | Subscription, account, billing | For home | Windows
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.
4 answers
Sort by: Most helpful
-
Anonymous
2017-01-11T13:56:35+00:00 -
Anonymous
2017-01-08T14:11:44+00:00 Hi Tris,
I have checked the information in private message. The SCL value is 5 so the email was marked as spam. Also I checked in the mail headers and found that the email was marked as spam by the spam filter policy in the Office 365 tenant and then moved to the Junk folder. You may refer to the articles below for more details.
https://technet.microsoft.com/en-us/library/mt712724(v=exchg.150).aspx
https://support.microsoft.com/en-us/kb/3089691
And you can add the Opencart domain to the allow list in spam filter to see if the issue can be resolved.
Then about the DKIM and DMARC records, you can refer to the following articles:
Use DKIM to validate outbound email sent from your custom domain in Office 365
Use DMARC to validate email in Office 365
Regards,
Yang
-
Anonymous
2017-01-07T22:10:23+00:00 Hi
- Yes SPF is set up as follows (as said in my original message)
v=spf1 include:spf.protection.outlook.com include:servers.mcsv.net ip4:217.xxx.xxx.xxx-all
The ip4 being the webserver that Opencart is on
- I have followed your link and that confirms SPF should be fine, however it also talks about DKIM and DMAC but not how to configure them?
I will now go any respond to your private message
thanks
Tris
-
Anonymous
2017-01-07T20:41:37+00:00 Hi Tristan,
I understand your client is using Office 365 Exchange and all the emails from the OpenCart shop are not received properly by them. Based on my experience, this kind of issue might be related to an incorrectly configured Sender Policy Framework (SPF). To troubleshoot the issue, I’d like to confirm the following details at first:
- Generally, the SPF record in Office 365 should be v=spf1 include:spf.protection.outlook.com -all. Based on your description, it seems you’ve customized it, right? If so, I’d like to confirm if you checked the SPF TXT record syntax for Office 365 before doing so?
- If you’ve followed the syntax strictly, please use the tool suggested in the following article to check if the syntax is correct.
- I have sent you a private message to collect the entire mail header of the ‘junk’ email for further analysis. Here is the link to access the private message:
https://answers.microsoft.com/en-us/privatemessages/list
Thanks,
Sam