SPF record not working with on-premise Exchange server

When you add an SPF record to your domain’s DNS and still messages can be sent with non-user email adresses (spoofed), this is probably the reason:

  1. SPF is not fully propagated
  2. Your on-premise exchange does not have any anti-spam agents installed.

You can check this with this Powershell command:

Get-TransportAgent 

When the anti-spam agents are not installed, install them with this PS command:

& $env:ExchangeInstallPath\Scripts\Install-AntiSpamAgents.ps1

After these are installed, you should restart the Microsoft Exchange Transport Service:

Restart-Service MSExchangeTransport 


Source + more information:

http://markgossa.blogspot.be/2016/01/block-spoofed-email-exchange-2010-2013-2016-part1.html

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.