Posts Tagged ‘whitelist’

What a mission this was!

Oracle netsuite just flat out refuse to give you a list of IP Address’ for their sending servers

“Support will not provide a list of NetSuite IP addresses” https://docs.oracle.com/cloud/latest/netsuitecs_gs/NSADM/NSADM.pdf

Ontop of this there’s no way to use an internal domain name to send emails like noreply@email.netsuite.com , so there is no clear way to whitelist your spamfilter  ……

After back and forth with their support , they finally gave us sent-via.netsuite.com which you can do a DNS lookup of to get the IPs ( You will have to monitor this for updates ) . Mimecast allows you to whitelist via SPF record so we could add this

 

Name: sent-via.netsuite.com

> set type=txt
> sent-via.netsuite.com
Server: dns.google
Address: 8.8.8.8

Non-authoritative answer:
sent-via.netsuite.com text =

“google-site-verification=MgKgRWwbn2QifDQBVdRu-IQLvbiR8GFB1hNDz_fmzPU”
sent-via.netsuite.com text =

“v=spf1 include:mailsenders.netsuite.com include:_spf.sparkpostmail.com -all”
> mailsenders.netsuite.com
Server: dns.google
Address: 8.8.8.8

Non-authoritative answer:
mailsenders.netsuite.com text =

“v=spf1 ip4:167.216.129.180/32 ip4:167.216.129.182/31 ip4:167.216.129.184/29 ip4:167.216.129.192/29 ip4:167.216.129.200/32 ip4:167.216.129.210/32 ip4:64.89.45.192/30 “
“ip4:64.89.45.196/32 ip4:208.46.212.208/31 ip4:208.46.212.210/32 ip4:185.72.128.75/32 ip4:185.72.128.76/32 ip4:212.25.240.83/32 ip4:212.25.240.84/31 ip4:72.34.168.76/32 “
“ip4:130.61.9.72/32 ip4:130.61.68.235/32 ip4:132.145.13.209/32 ip4:132.145.11.129/32 ip4:152.67.105.195/32 ip4:140.238.193.139/32 ip4:152.67.105.20/32 ip4:72.34.168.86/32 ip4:72.34.168.85/32 “
“ip4:64.89.44.85/32 -all”
> _spf.sparkpostmail.com
Server: dns.google
Address: 8.8.8.8

Non-authoritative answer:
_spf.sparkpostmail.com text =

“v=spf1 exists:%{i}._spf.sparkpostmail.com ~all”
>

 

I also recommend you change the From address to a generic netsuite@yourdomain.com so easy to monitor

 

Dkim

NetSuite Email Campaign Best Practices

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently trying to release and whitelist an item using Barracuda’s cloud Spam filter. however was getting the below error:

The message couldn’t be downloaded either. Tried from Multiple pcs and still an issue

Trying the next day and the issue was fine which shows it must have been something on Barracuda’s side!

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Many internal companies use Newsletter services such as Mailchimp to email out internal newsletters. The From Address of this is usually an internal email address which means it will get rejected by the anti spoofing policy

Option 1

In Mimecast Administration Panel go to : 

Administration -> Gateway -> Policies -> Anti Spoofing SPF based Bypass

  1. Add the following Policy, this will only whitelist IP’s in your SPF Record,  so putting servers.mcsv.net will not work , you will also have to put “ip4:205.201.128.0/20 ip4:198.2.128.0/18 ip4:148.105.0.0/16” in your SPF record. If your SPF is over 255 characters : try option 2

 

Option 2

Administration -> Gateway -> Policies -> Anti Spoofing

Add the policy below , you can get a list of IP’s Mailchimp user here

Find the From Address its spoofing along with the IP

 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Great a Computer Configuration Group Policy Object for Windows Firewall per below

Whitelist the below files Inbound and Outbound

C:\program files\mimecast\mimecast windows service\msddsk.exe ( 32 bit ) 

C:\program files (x86)\mimecast\mimecast windows service\msddsk.exe  ( 64 bit ) 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

If a website a being blocked from being viewed due to Fortinet web filter with the Category 

“newly observed domain” 

This is due to URLs whose domain name is not rated and were observed for the first time in the past 30 minutes. 

You can wait 30 minutes or you can use the Web Ratings Overrides below to change the category from newly observed domain to an accepted Category like Business and Finance

VN:F [1.9.22_1171]
Rating: 6.5/10 (6 votes cast)
VN:F [1.9.22_1171]
Rating: +1 (from 3 votes)