Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Caller ID
  •  
mitch

Messages: 24
Karma: 0
Send a private message to this user
Just upgraded to version 5.7.8 and would like to test out the new Caller ID functionality, but I can't seem to find any information on the web site or in the documentation.

Can somebody point me in the right direction?

Thanks.
  •  
RHarmsen.nl

Messages: 186

Karma: 0
Send a private message to this user
with Caller ID it is posible to protect your domain from being abused.

you could have looked here: http://www.kerio.com/callerid/
and found out that you could find moren information <at> microsoft
  •  
jshaw541

Messages: 462
Karma: 0
Send a private message to this user
You didn't look hard enough ;)

For KMS-specific information, select the 'Administration Guide' under the Help menu in the Admin Console AFTER you log onto your mail server with it.

To test out your configuration visit the below url. You can use my domain (sps.lane.edu) to see a test:
http://www.kerio.com/callerid/

For more general information on caller id, look at:
http://www.microsoft.com/mscorp/twc/privacy/spam_callerid.ms px

For specific instructions on configuring your dns server to support caller id, see:
http://download.microsoft.com/download/8/e/4/8e4bf400-a91f-4 9f0-9910-a291e489dc8b/callerid_senders.pdf

Hope that helps!

Kerio MailServer 6.7.1 w/AD
Windows Server 2003 SP 1
Dell PowerEdge 2850 (Dual Xeon 3.2ghz and 2 GB RAM)
~1300 users
~1000+ concurrent IMAPS connections
iPhone users
Outlook 2007 KOFF users
Apple iCal 10.5/10.6 users
  •  
RHarmsen.nl

Messages: 186

Karma: 0
Send a private message to this user
jshaw541 wrote on Mon, 12 April 2004 18:08

You didn't look hard enough ;)

For KMS-specific information, select the 'Administration Guide' under the Help menu in the Admin Console AFTER you log onto your mail server with it.

To test out your configuration visit the below url. You can use my domain (sps.lane.edu) to see a test:
http://www.kerio.com/callerid/

For more general information on caller id, look at:
http://www.microsoft.com/mscorp/twc/privacy/spam_callerid.ms px

For specific instructions on configuring your dns server to support caller id, see:
http://download.microsoft.com/download/8/e/4/8e4bf400-a91f-4 9f0-9910-a291e489dc8b/callerid_senders.pdf

Hope that helps!


the only way I have something usefull of Caller ID is by protecting my own domain. But somehow It doesn't work when I add it to the DNS (_ep.domein.com)

I recieve all mail through the MailRealy of my provider (they block port 25)
  •  
jshaw541

Messages: 462
Karma: 0
Send a private message to this user
RHarmsen.nl wrote on Mon, 12 April 2004 22:25


the only way I have something usefull of Caller ID is by protecting my own domain. But somehow It doesn't work when I add it to the DNS (_ep.domein.com)

I recieve all mail through the MailRealy of my provider (they block port 25)


It's kind of hard to understand what you wrote, but I'll take a stab. I believe adding the caller id records to your DNS domain records prevents spams from posing like they come from your domain, >IF< the mail server the spam is sent from supports Caller ID.

Example:

Spammer sends a message posing from spammer<at>yourdomain.com via the someotherdomain.com mail server. When the someotherdomain.com server gets the spammer's message, it does a DNS lookup for the _ep TXT record for yourdomain.com. Since the spammer's IP address is not in the _ep TXT record, the message is rejected as spam.

For us, it's easy, our domain has one SMTP server. If you have multiple SMTP servers for your domain, then you have a little tiny bit more work to do.

Kerio MailServer 6.7.1 w/AD
Windows Server 2003 SP 1
Dell PowerEdge 2850 (Dual Xeon 3.2ghz and 2 GB RAM)
~1300 users
~1000+ concurrent IMAPS connections
iPhone users
Outlook 2007 KOFF users
Apple iCal 10.5/10.6 users
  •  
RHarmsen.nl

Messages: 186

Karma: 0
Send a private message to this user
the DNS TXT record isn't published some how here (still figuring out why)

for the incoming mail, everything is routed throug mailrelay.planet.nl, because of this, it isn't posible for me to check CallerID, because everything seems to come from mailrelay.planet.nl, and they don't check SPAM, CallerID or whatever
  •  
jshaw541

Messages: 462
Karma: 0
Send a private message to this user
RHarmsen.nl wrote on Tue, 13 April 2004 12:21

the DNS TXT record isn't published some how here (still figuring out why)

for the incoming mail, everything is routed throug mailrelay.planet.nl, because of this, it isn't posible for me to check CallerID, because everything seems to come from mailrelay.planet.nl, and they don't check SPAM, CallerID or whatever


I'm not sure about your specific network topology and I was kinda digging around planet.nl with nslookup, but you should be able to implement caller id for your domain at some level.

Also, when I created the TXT record, I had to create a subfolder called _ep (in non-MS terms, a subdomain). Then, I created the TXT record under that. Just creating a TXT record called _ep at the domain level didnt seem to work on my setup and I still can't figure out why, because it should work the same to external people.

What's your network layout anyways? (If you don't mind spilling it on a public forum ;)

Kerio MailServer 6.7.1 w/AD
Windows Server 2003 SP 1
Dell PowerEdge 2850 (Dual Xeon 3.2ghz and 2 GB RAM)
~1300 users
~1000+ concurrent IMAPS connections
iPhone users
Outlook 2007 KOFF users
Apple iCal 10.5/10.6 users
  •  
jshaw541

Messages: 462
Karma: 0
Send a private message to this user
I should add that Caller ID is not a big deal quite yet, because hardly anyone is interested. The only major domain I found that's inserted the TXT records is Microsoft, who created Caller ID. Other than that, I've only found kerio.com and us, so far :)

It should also be noted that if you have Caller ID turned on, and a domain that doesnt have caller id sends you an email, it wont be rejected, so this isnt really a proactive approach, it's more reactive.

Still it's pretty cool though. I can't wait til yahoo.com and aol.com implement it, so we can finally stop having to implement weird rules to deal with legitimate mail from these domains.

Kerio MailServer 6.7.1 w/AD
Windows Server 2003 SP 1
Dell PowerEdge 2850 (Dual Xeon 3.2ghz and 2 GB RAM)
~1300 users
~1000+ concurrent IMAPS connections
iPhone users
Outlook 2007 KOFF users
Apple iCal 10.5/10.6 users
  •  
RHarmsen.nl

Messages: 186

Karma: 0
Send a private message to this user
DNS:
The only domain I have is RHarmsen.nl
the DNS is hosted by TransIP.nl

I got a WebInterface to administer it, and i Added a _ep. TXT record with nslookup I am able to get the record, but the interface on Kerio.com doesn't seem to be able to get it.
TXT record has:
<ep xmlns=’http://ms.net/1’ testing=’true’><out><m><a>mail.rharmsen.nl</a></m></out></ep>

NSlookup:
_ep.rharmsen.nl text = "<ep xmlns='http://ms.net/1' testing='true'><out><m><a>mail.rharmsen.nl</a></m></out></ep>"



Further my server is connected through an ADSL line of Planet.nl (ISP) they block all incoming port 25 from outside the Planet network. the only workaround is relaying everything (inbound) through mailreplay.planet.nl (in DNS: MX mail.rharmsen.nl 10, MX mailrelay.planet.nl 20)

that mailrelay doesn't seem to have any SpamFiltering (only filters relaying so the Planet network doesn't become a Relay network thats also why port 25 is closed)
so it won't be usefull to check for CallerID for me to detect spam, cause everything comes from mailrelay.planet.nl (witch is nowhere in the TXT record)

I hope you understand how it is setup now.


EDIT:
I just rechecked with Kerio, and it seems ok now

EDIT2:
I guest I realy have to complain with my ISP, but I understand why they block port 25

[Updated on: Tue, 13 April 2004 22:22]

  •  
mkanat

Messages: 70

Karma: 0
Send a private message to this user
Earthlink.net has one, now. Smile

Maxwell Kanat-Alexander
2nd Level Support Engineer, USA
Kerio Technologies
  •  
oulianov

Messages: 5
Karma: 0
Send a private message to this user
I have inserted _ep record, but it looks not so correct: kerio.com/callerid reports OK, but KMS reports a warning “Parse error in Caller-ID record for domain MYDOMAIN.com: Can not read attribute”. It is what nslookup says:

> set type=all
> _ep.MYDOMAIN.com
Server: UnKnown
Address: 192.168.XXX.XXX

Non-authoritative answer:
_ep.MYDOMAIN.com text =

"<ep"
"testing='true'"
"xmlns='http://ms.net/1'><out><m><mx/></m></out></ep>"

MYDOMAIN.com nameserver = ns2.MYISP.com
MYDOMAIN.com nameserver = ns.MYISP.com
ns2.MYISP.com internet address = XXX.XXX.XXX.XXX
ns.MYISP.com internet address = XXX.XXX.XXX.XXX
> _ep.kerio.com
Server: UnKnown
Address: 192.168.XXX.XXX

_ep.kerio.com text =

"<ep xmlns='http://ms.net/1' testing='true'><out><m><a>195.39.55.2</a><a
>67.127.65.201</a><a>195.39.55.5</a><a>195.39.55.11</a ><a>195.39.35.48</a></m></
out></ep>"
kerio.com nameserver = ns.winroute.cz
kerio.com nameserver = ns.winroute.com
ns.winroute.cz internet address = 195.39.55.4
ns.winroute.com internet address = 194.213.194.16
>

And the DNS:

<at> IN NS ns.MYISP.com.
<at> IN NS ns2.MYISP.com.

<at> IN MX 10 <at>
_ep IN TXT (<ep testing='true' xmlns='http://ms.net/1'><out><m><mx/></m></out></ep>)

<at> IN A XXX.XXX.XXX.XXX
* IN CNAME <at>

Should I use another common syntax tricks (in order to split these 3 lines) like %20
or I have an error in this DNS records
or my DNS provider need to support these TXT records more carefully
or KMS need to be more omnivorous :)?

Previous Topic: Support for Multiple SSL Certificate
Next Topic: Strong password GPO's and KMS
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Nov 23 19:49:20 CET 2017

Total time taken to generate the page: 0.00476 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.