Export (0) Print
Expand All

Validate and Enable Domains

 

Applies to: Forefront Online Protection for Exchange

Topic Last Modified: 2012-03-09

importantImportant:
This topic applies only to customers using FOPE in a stand-alone environment, and not as part of the Microsoft Office 365 or Live@edu services. Microsoft Office 365 and Live@edu customers cannot validate (verify) domains in the FOPE Administration Center. For more information about validating domains in Office 365 or Live@edu, consult the Office 365 for enterprises, Office 365 for small businesses, or Live@edu documentation.

Before you can begin using the Forefront Online Protection for Exchange (FOPE) filtering service with a domain, you must validate the domain in the FOPE Administration Center. When you validate a domain, you prove that your company is the owner of the domain and that you have the right to process email for that domain through FOPE.

There are two ways that you can validate a domain. The recommended method for validating a domain is by adding a TXT record to the domain within the Domain Name System (DNS). However, if your domain registrar does not support TXT records, or if it only supports a certain amount of TXT records that are already in use, you can also validate a domain by adding a mail exchanger (MX) record that points to an invalid address.

Validate a domain by adding a TXT record
  1. In the FOPE Administration Center, click the Administration tab, click the Domains tab, and then under Views, click All Domains.

  2. In the Domains list, click the domain that you want to validate (or search for the specific domain you want to validate by using the search box). The domain details page appears.

  3. In the Tasks pane, click Validate Domain. You can also click the link under the domain name.

    In the Validate Domain dialog box, you can see the domain name, record type (TXT), and the value for the text record that needs to be added to the Domain Name System (DNS). For example:

     

    Domain:

    contoso.com.

    Record Type:

    TXT

    Value

    v=msv1 t=AF737E80-C93E-48f1-BA85-71B4C6478070

  4. Click the Copy link to the right of the value.

  5. Outside of the Administration Center, open the DNS management tool for the domain you want to validate. (There is a variety of DNS management tools provided by network service or DNS providers. For assistance with how to manage your particular domain namespace, contact your network service provider or DNS provider.)

    Add a TXT record and paste the copied value to that record in the domain’s DNS settings (or ISP domain's DNS settings). The steps required for adding the TXT record can differ depending on your DNS provider.

  6. After you have successfully added the TXT record to your DNS settings you need to wait for the domain DNS changes to propagate across all DNS servers on the Internet. This can take up to 72 hours. Once you have verified that the changes have propagated correctly, return to the Validate Domain dialog box in the Administration Center and click Validate to begin the validation process. During the validation process, a DNS query is conducted to verify if a TXT record present in your domain matches this value. A match on the value from any TXT record validates the domain.

  7. Once the domain has been validated, click Enable Domain in the Tasks pane for that domain to enable the domain.

You can repeat these steps to validate and enable additional available domains.

To add other domains for use with your FOPE service, go to Add Other Domains If Desired. Otherwise, proceed to Set up Inbound Email Filtering.

Validate a domain by adding an alternate MX record that points to an invalid address
  1. In the FOPE Administration Center, click the Administration tab, click the Domains tab, and then under Views, click All Domains.

  2. In the Domains list, click the domain that you want to validate (or search for the specific domain you want to validate by using the search box). The domain details page appears.

  3. In the Tasks pane, click Validate Domain. You can also click the link under the domain name.

  4. In the Validate Domain dialog box, click the Use Alternate Method button.

    In the Alternate Validate Domain dialog box, you can see the domain name, record type (MX), and the address where FOPE will send email. For example:

     

    Domain:

    contoso.com.

    Record Type:

    MX

    Address

    AF737E80-C93E-48f1-BA85-71B4C6478070.msv1.invalid

    importantImportant:
    The MX address shown above does not resolve to an IP address. This means that this record can be safely added to your existing MX records without disrupting mail flow, provided that your existing MX records remain unchanged throughout the validation process. This is the case regardless of the preference (or priority) that you select for this MX record.
  5. Click the Copy link to the right of the value.

  6. Outside of the Administration Center, open the DNS management tool for the domain you want to validate. (There is a variety of DNS management tools provided by network service or DNS providers. For assistance with how to manage your particular domain namespace, contact your network service provider or DNS provider.)

    Add an alternate MX record and paste the copied value to that record in your domain’s DNS settings (or ISP domain's DNS settings). Do not delete or change your existing MX record. The steps required for adding an MX record can differ depending on your DNS provider. (An example: In your domain DNS settings, add a resource record of type MX, and paste the value that you copied as the value of the MX record. Save the changes in your DNS record, and then log out of your domain registrar account.)

  7. After you have successfully added the alternate MX record you need to wait for the domain DNS changes to propagate across all DNS servers on the Internet. This can take up to 72 hours. Once you have verified that the changes have propagated correctly, return to the Alternate Validate Domain dialog box in the Administration Center and click Validate to begin the validation process. During the validation process, a DNS query is conducted to verify if your domain contains an MX record matching the address appearing in this dialog box. A match validates the domain.

  8. Once the domain has been validated, click Enable Domain in the Tasks pane for that domain to enable the domain.

Repeat these steps to validate and enable additional available domains that cannot be validated via TXT record updating. Keep in mind, however, that TXT record updating is the preferred method of domain validation.

To add other domains for use with your FOPE service, go to Add Other Domains If Desired. Otherwise, proceed to Set up Inbound Email Filtering.

warningWarning:
Because you have successfully validated this domain, it is recommended that you delete this invalid MX record since it has already served its purpose and FOPE-enabled domains perform optimally with only one MX record. Later during the setup process, when you configure inbound email filtering, you will update your other existing MX record to point to mail.messaging.microsoft.com.

noteNote:
  1. If both TXT and MX record updates are not available in your domain, it is recommended that you work with your domain registrar to see if they can perform the domain update on your behalf. If they cannot, contact FOPE Technical Support who can guide you through a manual validation process.
  2. Propagation of domain DNS changes across all DNS servers on the Internet can take up to 72 hours to be in effect. If the domain validation fails, wait a little longer and then try again. If the domain validation is still failing after 72 hours, check your domain's TXT record to verify that it is correct. If you have verified the record and the validation is still failing, contact Technical Support for help.
  3. Although prior domains already validated by CNAME record updates are not affected, this method is no longer supported for domain validation; use TXT records instead.
 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft