My collegues and myself havent recieved any email notifications since early January.I get the non-stop sales/advertising emails about every Bentley product there is, but the communities notifications have stopped.
Just wondering if this has happened to any one else or if i need to get my IT to look into it.
I got an email notification for this message. possible it's getting rejected by your email server?
Thanks Kevin for confirming that. I found out we rejected the emails due to SPF Sender Invalid...
Nathan Banks said:I found out we rejected the emails due to SPF Sender Invalid
does it mean the problem is on Bentley's side?
It seems to me that some e-mails have not been delivered from BE Communities in last few days/weeks also. But it's weird some e-mails are fine, but e.g. when I reply to a discussion, so I should be singed for e-mail notification automatically, these e-mails are not delivered.
Labyrinth Technology | dev.notes() | cad.point
Yes. I just checked. Emails from communities come from communities.bentley.com. The DNS SPF records for that domain specify a single IP address allowed to send email for communities, the emails I've recieved so far are not from that ip address.
I can see the SPF fail notices in the headers. I assume mine come through because i whitelisted *bentley.com.
Bentley has to fix this in their DNS setup. I think there is a board for reporting this.
We (Bentley) are working on a fix to this SPF issue. Thank you for your patience.
Jesse DringoliTechnical Support Manager, Haestad ProductsBentley Communities Site AdministratorBentley Systems, Inc.
Jesse Dringoli said:We (Bentley) are working on a fix to this SPF issue. Thank you for your patience.
thanks for the information, because it seems to getting worse, not better.
I do not understand a bit "are working", because to change SPF is 5 minutes work and this change is published to the rest of Internet in a few hours. Nothing complicated, I do it for domains I own from time to time also.
hahaha, welcome to the world of enterprise level network management. The trick isn't (mostly) making the change, it's knowing what to change the field too.
I checked the email headers on notices i've been getting from the communities. They're routed from telligent.com. That means their SPF (and if they add DKIM and DMARC) info has to come from telligent. More than likely telligent has hundreds of servers. Hopefully telligent has a published SPF field that Bentley can add to their SPF record "just use this SPF record from this company over here..." and when telligent updates their records bentley won't be caught out again.
Next, they've probably also outsourced their DNS. Which means once they have what the records should actually be, they need to file a change request with their DNS company. Depending on who that is it may take awhile.
I agree that when a company has become enterprise, simple things start to be often complicated. Especially when there is nobody who is responsible for a particular area / service / issue ... or he share more responsibilities as often in Bentley.
On the other hand, to change DNS settings is simple task that is done in one place through web interface and is proposed to the rest of DNS servers automatically. I do the same when I am informed about necessary change despite of I know very little about DNS technical details. For my domains it's as simple "for Office 365 / Exchange server, copy paste this TXT record, the same for my webs and A and CNAME records).
So to me it looks silly that such basic configuration with potentially huge impact as SPF can be left wrong for longer than a day. Somebody does not do his work right ... but maybe such person does not exist.
Changing records on my domain is a quick process too, but I'm sure a large company would need to go through a change process to make changes in a controlled way.
There appears to be an issue around the QA. These basic things shouldn't be happening if the correct checks were done. Lots of issues like this continue to slip out the front door, which leads to a lot of wasted time fault finding for them (then being told there's a defect already filed. lol).