none
Exchange 2013 relaying (Inbound Proxy Internal Send connector acceptint external IPs?)

    Question

  • Exchange 2013 server all roles on one server.

    It is relaying mail somehow for non-existent users in the authorized domain. There were several hundred queues with DNS errors. And it is getting blacklisted. 

    However it does not show as an open relay on mxtoolbox.

    I think somehow messages are getting into the Inbound Proxy Internal Send Connector, and then out from there, 

    But get-connector does not show me this connector.

    2017-06-14T15:02:40.845Z,Inbound Proxy Internal Send Connector,08D4B3281E5F3ABB,119,10.0.0.x:32546,10.0.0.x:2525,>,XPROXYFROM SID=08D4B3281E5F3AC5 IP=14.174.144.246 PORT=11704 DOMAIN=static.vnpt.vn SEQNUM=1 PERMS=1073 AUTHSRC=Anonymous,
    2017-06-14T15:02:40.845Z,Inbound Proxy Internal Send Connector,08D4B3281E5F3ABB,120,10.0.0.11:32546,10.0.0.x:2525,<,250 XProxyFrom accepted,
    2017-06-14T15:02:40.845Z,Inbound Proxy Internal Send Connector,08D4B3281E5F3ABB,121,10.0.0.x:32546,10.0.0.x:2525,*,,sending message with RecordId 0 and InternetMessageId <004c01d2e4f5$05c1f393$6d11a0ae$@art-sound.ch>
    2017-06-14T15:02:40.845Z,Inbound Proxy Internal Send Connector,08D4B3281E5F3ABB,122,10.0.0.x:32546,10.0.0.x:2525,>,MAIL FROM:<sales@art-sou


    CarolChi

    Wednesday, June 14, 2017 3:09 PM

Answers

  • Tried all sort of things, but finally what worked:

    set-recipientfilterconfig -RecipientValidationEnabled $true

    However I do not understand why this should be necessary on this one server, as it is not a default setting. 


    CarolChi

    Wednesday, June 14, 2017 7:04 PM

All replies

  • Tried all sort of things, but finally what worked:

    set-recipientfilterconfig -RecipientValidationEnabled $true

    However I do not understand why this should be necessary on this one server, as it is not a default setting. 


    CarolChi

    Wednesday, June 14, 2017 7:04 PM
  • Hi

    Can you please enable enable protocol logging on the send connector and look at that log what exactly the problem is.

    With DNS Error means mails in the queues are unable to resolve the domain names, do the nslookup on your Exchange server and check the Name Resolution is OK.

    Where your send connector sending email what is your email gateway, are you using Exchange Edge for mail gateway or some other appliance you are using.

    Another issue can be Antispam solutions, SMTP proxies or firewall.

    Try changing the send connector to use mx record instead of smart host if any.

    Kindly click "Mark as Answer" on the post that helps you, this can be beneficial to other community members reading this thread.

    Regards.

    H.shakir


    Wednesday, June 14, 2017 7:23 PM
  • Hi,

    The RecipientValidationEnabled parameter specifies whether the Recipient Filter agent blocks messages addressed to recipients that don't exist in the organization. Valid input for the RecipientValidationEnabled parameter is $true or $false. The default setting is $false.

    When the RecipientValidationEnabled parameter is set to $true, the Recipient Filter agent blocks messages addressed to recipients that don't exist in the organization.

    Hope it helps.


    Regards,

    Jason Chao


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, June 15, 2017 3:15 AM
    Moderator