How to Add DNS Records - SPF, DKIM, DMARC - and Configure POP3 and IMAP4 Mail Protocols

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello everybody in a previous video we explored how to install Exchange Server and how to configure it for running ml server and in today's video I'm going to show you how to make sure that your emails reach their recipients instead of ending up in the spam folder and how to set up POP3 and iMap for mail protocols [Music] you need to recover deleted data view restore removed browsing history admon software products will help you follow the link in the description download the necessary program for free install it and analyze the disk the utility will show you the data you can recover so you'll be able to view it or get it back in our Channel and blog you will find solutions to any problem from installing an operating system or configuring it to fixing possible bugs and errors are optimized in Mobile gadgets our Specialists will answer any questions you ask in your comments under the videos or articles you need to add SPF decim and dmarc Records to your DNS hosting so that your emails go all the way to the recipients pass all the filters and don't get classified as spam SPF day Keem and dimark are essential settings that must be changed before starting a mail server these records prevent fraudsters from sending harmful mail to your on your behalf and if they are absent messages May leverage their recipients an SPF Send Their policy framework record ensures a kind of mutual understanding between the senders and the recipient's mail service it contains information about the mail servers that are allowed to send mail on your behalf when an SBF record is missing many mail services can just send all mail received from mailboxes within a certain domain into the spam folder regardless of the mail contents an SPF record is published on DNS service that serves a certain domain go to control panel of your DNS hosting and create the full colon takes the record [Music] by filling in all these fields the record contains such Keys as the SPF version the domain IP address the key a sets the rules for a specific domain by comparing the IP address of the sender with the IP address specified in the a records of the domain MX contains all server addresses specified in MX records of the domain the twiddle symbol means there is some deviation the mail will be accepted but marked as spam all means all addresses which are not specified in the record you will be able to add additional tags later but for now just click save foreign the second level of protection when data is transmitted in between mail servers is dkim the main Keys identified mail it helps to add a digital signature to all outgoing emails the recipient uses this signature to verify incoming emails the recipient email server sends a DNS request and receives a public key which is placed into the DNS bracket this key is then used to verify the email if the keys match the email is delivered to the recipient otherwise it is sent to the spam folder by default MS Exchange Server doesn't support dkim to configure it you need to install a third-party transport agent onto exchange and this agent is called exchange dikim signer after the installation it needs to be configured start the application and in the window that opens click configure then make sure that the agent exchange the key the assigner has the lowest priority that is placed at the bottom of the list this requirement is important so that emails are signed at the last stage after all possible changes made by other transport agents in the tab entitled dkim settings you can see which Fields will be signed by default they include from subject to date and message ID the main parameters are configured in the domain settings tab to add a domain click add give the domain name and selector that is the DNS record name and this is where you can either generate a new key or specify its location to create a public key click generate new key and it will appear in this window after that go to The Domain hosting control panel create a txt record with such name [Music] and paste your public key into the content field [Music] after the settings are configured click save domain the settings will apply automatically finally let's find out what is dmarc the main based message authentication or reporting and conformance is the level of protection that comes after SPF and dkim this record determines how to handle emails which have failed verification with SPF and deakin this is also the rule which is set for emails sent on your behalf before edit the mark it is important to make sure that SPF and the Kim are configured in the correct manner otherwise it may result in filtering your own outgoing emails to configure the demarcs go to the control panel of your DNS hosting and create a txt record like this foreign as the minimum requirement it should include the mechanism version and the policy during initial configuration it is recommended to set the policy as none it means do nothing just send a report later you'll be able to tighten your security by changing the record and adding more tags now that we are finished with the email setup you can check how it works by sending a test email from your mailbox at this stage I'm going to show you how to configure POP3 and IMAP 4 mail services by default POP3 and iMap for mail services are disabled for Exchange Server to configure client connections by IMAP and POP3 you need to start them and enable automatic startup open services [Music] find the service with the name Microsoft Exchange imap4 set its startup type to automatic and start the service then click apply and ok after that perform the same actions for the following Services Microsoft Exchange IMF for backend [Music] Microsoft Exchange Bob 3 foreign backend [Music] after the services are started you need to configure the certificate open exchange admin Center and go to servers [Music] certificates open the SSL certificate by double clicking on it jump to the services tab and check the boxes next to IMF and pop and click save now you need to connect the domain to POP3 and IMAP Services click on start Microsoft Exchange Server Exchange Management Shell and run this command type the first command for POP3 service and remember to specify the external domain Port 995 and SSL then the domain with word one one zero and the certificate name at the end open the certificate in the admin Center and copy its name after you run the command or restart path3 service in the service window right click on the service and choose restart [Music] then do the same to the other service POP3 backend after that run one more command to connect the IMAP service then restart the services IMAP and I'm at the cant at the next stage you should check if the folded ports are open for these services in your network and open them if necessary 995-993-110 and one four three access the network settings and open these ports for Exchange Server the next thing to do is to modify the receive connector options in the admin Center go to mail flow receive connectors client front-end Exchange open the scoping tab qdn change the domain from internal to external to mail.hadman software.com as in our example and click save after that you should specify the certificate which will be used to encrypt smt connections first of all you need to know the ID of the certificate that you want to bend to the services open Exchange Management Shell and run this command copy the certificate value then specify the certificate used to encrypt SMTP authenticated client connections this requires three commands to be used run the First Command and add the certificate value at the end after that run the second command and then the third command foreign to make sure that you have given the certificate that is used to encrypt SMTP authenticated client connections run another command as a result you'll get the certificate name this should be the name of the certificate you have given at the next stage you should check if these Protocols are enabled at the mailbox level if they are disabled users can't configure their profiles in Outlook to use part 3 and IMAP 4. however they should be enabled by default to check it open exchange admin Center go to recipients mailboxes open a specific account that is a mailbox and navigate to mailbox features and then check if the enable value is set for these services to see how the services work use the command test enter the password here you are success after that run a similar command for IMAP [Music] type the password to your account as you can see this configuration works as well to make sure that you enabled and configured IMAP 4 on The Exchange Server do the following visit the Microsoft website to use a special service that checks part 3 and IMAP protocols fill in all required fields and click perform test as you can see the test is successful but with a warning the matter is that Microsoft can't check the certificate chain this feature might be disabled or misconfigured for the server as for the SSL certificate I'm 100 confident about it so I'll just disregard this warning the service works properly [Music] now let's check Bob 3 protocol the same steps fill in the fields and click perform test the test is successful and you can see the same kind of warning [Music] now let's find out if male circle is the way it should in Outlook I'll set up connection via IMAP or POP3 protocol and send a test email foreign [Music] [Music] [Music] as you can see now my mails don't end up in the spam folder but reach the recipient without any errors [Music] now let's analyze a few errors that you may encounter in case of incorrect configuration or when DNS records are missing SPF the Keem or dmarc error 550 SPF check failed the error may look this way if an anti-spam tool is installed on the Microsoft Exchange Server this error means that the center's domain has an incorrect SPF record or that this sender is using a fake email address if the SPF DNS record is missing misconfigured or disabled when sending an email to an external email address but you can receive a message containing this error to eliminate the error add an SPF record to your DNS hosting when checking a demarc record this error can be observed this means that the email didn't pass verification it doesn't meet DeMark requirements the mark compliance error means that this email has failed SPF and decam verification tests such errors may have negative effects on delivering your emails as other mailboxes cannot verify your email address this is how a democ related error looks like usually it emerges during the Keem initial configuration after the application is updated or after the server migration it is often caused by errors in spelling attacks or in configuring the public key if the game record is missing or misconfigured you will receive an email with a warning and it applies to the demarc record if the mail looks like this change the settings for the corresponding record sum it up in today's video we have explored the simple and easy to use set of basic integrated tools available to any administrator thus let you improve the security of Microsoft's mail servers when properly configured dkim SPF and dmarc Records allow you to reduce the flow of spam and use letters and malicious emails to minimum however I've only shown you the basic configuration and the working principles to achieve full force protection some finer settings are required and that is all for now hopefully this video was useful remember to click the like button and subscribe to our Channel thank you for watching and good luck [Music] [Music]
Info
Channel: Hetman Software: Data Recovery for Windows
Views: 6,017
Rating: undefined out of 5
Keywords: How to configure SPF, DKIM, DMARC, POP3, IMAP4, dkim signature, antispam, emails go to spam, error 550 5.7.1, 550 5.6.11, 550 5.4.1, error mx.google.com rejected your messages to such addresses email, spf dns record, how to enable POP3 and IMAP4 Exchange Server, hosting, spf for domain, Exchange DKIM Signer, Message Failed DMARC Compliance, SPF check failed, How to configure in Outlook Pop3 and IMAP4
Id: w4IA6Q81r8I
Channel Id: undefined
Length: 17min 18sec (1038 seconds)
Published: Thu Jan 05 2023
Related Videos
Email DNS Master Course | SPF + DKIM + DMARC Explained
Emad Zaamout
51K
SPF, DKIM, DMARC was never so simple! // EasyDMARC
Christian Lempa
22K
Building an Ubuntu mail server with Postfix, Amavis, SpamAssassin, ClamAV, Dovecot, and OpenDMARC
Sidequest Ninja
18K
Mail server DNS records - setup and configuration explained
Christian Lempa
118K
Microsoft 365 Email Security: Configuring SPF, DKIM, DMARC and Defender for Office 365
TDSheridan Lab
7.8K
DNS Records Explained
PowerCert Animated Videos
275K
How to Install and Configure a Postfix Mail Server with Dovecot on Linux Ubuntu
Hetman Software: Data Recovery for Windows
60K
host ALL your AI locally
NetworkChuck
774K
How to Secure Email & Improve Deliverability (DMARC Tutorial)
All Things Secured
41K
I Built a NAS: One Year Later. EVERYTHING I Learned and the Mistakes
Jimmy Tries World
794K
Intro to SPF, DKIM, and DMARC
T-Minus365
23K
Why I am Not Using OPNSense
Lawrence Systems
65K
DNS Records: Basic Guide to DNS Types
10Web | AI-Powered Website Builder
63K
How To Set Up Google Workspace SPF, DKIM & DMARC | Improve Email Deliverability
Stewart Gauld
108K
Don't Waste $1000 on Data Recovery
Linus Tech Tips
4M
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.