locked
Emails blocked from an automated system RRS feed

  • Question

  • We have a few clients that send us automated emails from an address such as ghto@system1.company.com.  Our Exchange server doesn't let them through.  When I run an email validity test online it fails, because you can't send email to this address.  Now I know the address is valid, but how do I get Exchange to allow them through?

    We are still in the midst of a cutover to Exchange 2010, so I still have Exchange 2003 in the mix.  I do all my block and exceptions still on the Exchange 2003 box. I've added the particular address and a wildcard entry for the domain, but they still can't get through.

    Am I missing something on this particular setup?  Once I install the Edge Transport in our organization and pull out Exchange 2003, will I have more success?  More options maybe?

    Monday, March 19, 2012 4:36 PM

Answers

All replies

  • What does message tracking say? Is the Exchange recipient a user or a group? Does the Exchange recipeint have any restrictions on who it can only receive email from? If it's a group is it set to require all senders are authenticated?

    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

    Monday, March 19, 2012 4:42 PM
  • I'm not seeing much in the message tracking.  The recipient is a user with no restrictions for who he can receive email from.  

    Here is the bounce back message the other side is receiving. It's very confusing because of all the different names. At what point do you say it truly is the other end.

    Diagnostic information for administrators:

    Generating server: z10.zixworks.com   #this is there server generating the message.

    mail.ourcompany.com #<mail.ourcompany.com #5.7.1 smtp; 550 5.7.1 Sender ID (PRA) Domain Does Not Exist> #SMTP#

    Original message headers:

    Received: from vmv.z10.company.com (ZixVPM [127.0.0.1])

          by Outbound.z10.company.com (Proprietary) with ESMTP id 863ED4BCFC

          for <user@ourcompany.com>; Fri, 10 Feb 2012 13:10:07 -0600 (CST)

    Received: from ghto.system1@company.com (ghto.system1@company.com [30.x.x.x])

          by fx3.company.com (Postfix) with SMTP id B9CF578098;

          Fri, 10 Feb 2012 13:10:03 -0600 (CST)

    Date: Fri, 10 Feb 2012 14:10:03 -0500

    Subject: Letter 

    From: ghto.system1@company.com

    Sender: ghto.system1@company.com

    To: user@ourcompany.com

    X-Mailer: 9.02.02M3P041310

    MIME-Version: 1.0

    Content-Type: text/plain


    • Edited by sheld0r Monday, March 19, 2012 6:06 PM
    Monday, March 19, 2012 6:03 PM
  • Looks like you are blocking their domain because they don't have a sender id spf record. You need to add an exception for their domain.

    http://www.allspammedup.com/2009/01/managing-whitelists-and-blocklists-for-exchange-server-environments/


    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

    • Marked as answer by sheld0r Monday, March 19, 2012 6:41 PM
    Monday, March 19, 2012 6:15 PM
  • Looks like you are blocking their domain because they don't have a sender id spf record. You need to add an exception for their domain.

    http://www.allspammedup.com/2009/01/managing-whitelists-and-blocklists-for-exchange-server-environments/


    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

    Aha! That makes total sense! That's an excellent link too.  So with that being said, I can't really do anything about it until I bring up my Edge Transport server and completely retire Exchange 2003, is that correct?  I don't have any anti-spam components in our Exchange 2010 environment.  All anti-spam features are currently being carried out by our Exchange 2003 box. 
    Monday, March 19, 2012 6:41 PM
  • Ahh for 2003 try this link for the exception.

    http://exchangepedia.com/2006/12/imf-wheres-the-whitelist.html


    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

    • Marked as answer by sheld0r Monday, March 19, 2012 8:01 PM
    Monday, March 19, 2012 6:54 PM
  • Ahh for 2003 try this link for the exception.

    http://exchangepedia.com/2006/12/imf-wheres-the-whitelist.html


    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

    This will also help until I can successfully retire Exchange 2003.  Thank you very much!!! Much appreciated! 
    Monday, March 19, 2012 8:02 PM
  • I followed the instruction from the 2003 link for setting up a Global Accept and Deny List Configuration.  Bounce back message shown below.  At what point do you say the other side is the problem?  I hate having to point fingers, but at this point I've added the other sides external IP address to a whitelist and they are still getting a bounce back message.

    Diagnostic information for administrators:
     
    Generating server: CH1MMR1-001.057d.mgd.mfts.net
     
    mailto:jim.bob@ourcompany.com
    #550 5.1.3 STOREDRV.Submit; invalid recipient address #SMTP#
     
    Original message headers:
     
    Received: from CH1MMR1-001.057d.mgd.mfts.net ([169.254.2.60]) by
     CH1MMR1-001.057d.mgd.mfts.net ([202.27.52.10]) with mapi id
     14.01.0355.003; Tue, 20 Mar 2012 13:02:35 -0500
    Content-Type: application/ms-tnef; name="winmail.dat"
    Content-Transfer-Encoding: binary
    From: "Jones, Tom" <Tom.Jones@company.com>
    To: "mailto:jim.bob@ourcompany" <jim.bob@ourcompany.com>
    Subject: Test eMail FAILED - from Tom Jones at OtherCompany
    Thread-Topic: Test eMail FAILED - from Tom Jones at OtherCompany
    Thread-Index: AQHNBsOhv+Y7ru21o0qTgBvtfdO0eQ==
    Date: Tue, 20 Mar 2012 13:02:35 -0500
    Message-ID: <D7B3F73629E58447ADB8241B19F9175F0318BFDB@056-CH1MMR1-001.057d.mgd.mfts.net>
    Accept-Language: en-US
    Content-Language: en-US
    X-MS-Has-Attach:
    X-MS-TNEF-Correlator: <D7B3F73629E58447ADB8241B19F9175F0318BFDB@CH1MMR1-001.057d.mgd.mfts.net>
    MIME-Version: 1.0
    X-Originating-IP: [10.20.30.40]


    Tuesday, March 20, 2012 11:06 PM
  • Who is

    Generating server: CH1MMR1-001.057d.mgd.mfts.net

    Is this your server or theirs? If their server that's generating the ndr for them with invalid recipient then it's something local to their system perhaps thay have an invalid contact for your recipient.


    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

    Wednesday, March 21, 2012 3:13 AM
  • Who is

    Generating server: CH1MMR1-001.057d.mgd.mfts.net

    Is this your server or theirs? If their server that's generating the ndr for them with invalid recipient then it's something local to their system perhaps thay have an invalid contact for your recipient.


    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

    The generating server CH1MMR-1-001.057d.mgd.mfts.net is on their end.  They are sending to the correct address, yet they say I'm the one that's rejecting the email. 
    Wednesday, March 21, 2012 4:04 PM
  • I don't think the message was submitted to their exchange store and their exchange store denied it right away. Usually this can happen if their user as a bad contact for bob@ourcompany.com in their address book or possibly using a mailmerge. You can tell this is the case if you look at the header it shows the "mailto"

    To: "mailto:jim.bob@ourcompany" <jim.bob@ourcompany.com>


    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

    Thursday, March 22, 2012 7:07 PM
  • I don't think the message was submitted to their exchange store and their exchange store denied it right away. Usually this can happen if their user as a bad contact for bob@ourcompany.com in their address book or possibly using a mailmerge. You can tell this is the case if you look at the header it shows the "mailto"

    To: "mailto:jim.bob@ourcompany" <jim.bob@ourcompany.com>


    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

    I know they are using a 3rd party for encryption from Zix Corp http://www.zixcorp.com/privacy-policy/  I strongly feel this is the problem, because if they don't send from that automated system, the emails come through no problem. 

    Thursday, March 22, 2012 9:30 PM