locked
Home Exchange lab - DNS issue? RRS feed

  • Question

  • Hi,

    I’m trying to configure a home Exchange lab using virtual box. I want to be able to simulate sending outbound mail from Exchange through MIMEsweeper to test policies. So far I have configured the following 2 servers, both servers can ping each other by both name and IP address.

    1.       AD/Exchange 2007 server running CAS/HT/Mailbox roles

    2.       MIMEsweeper Server

    I have configured one send connector on the Exchange server with the following settings:

    ·         Address space of *

    ·         route mail through the following smarthosts – IP address of MIMEsweeper server

    ·         Source Server – Exchange Server

    MIMEsweeper is fully configured to handle mail from the Exchange server/domain.

    If I send an Email to a fictitious domain (user@test.com) I receive the following NDR so the mail isn't even leaving Exchange:

    #550 5.1.1 RESOLVER.ADR.RecipNotFound; not found ##

    Can anyone please suggest how I can get this working?

    Regards

    Andrew

    Tuesday, July 19, 2011 11:12 AM

Answers

  • On Tue, 19 Jul 2011 13:36:42 +0000, ahughes76 wrote:
     
     
    >2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,15,172.20.0.1:1318,172.20.0.10:25,>,RCPT TO:<andrew@test.com>,
    >2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,16,172.20.0.1:1318,172.20.0.10:25,<,550 5.7.1 Unknown recipient <andrew@test.com> was submitted by host <172.20.0.1>. Sender address was <Administrator@mydomain>.,
     
     
    Is 172.20.0.1 your Exchange server? Is 172.20.0.10 your MimeSweeper
    machine? If so, 172.20.0.10 is returning the 550 status and Exchange
    just reports the problem to the sender. The message certainly won't be
    sent by Exchange if the receiving server returns an error status code
    to the only RCPT TO address.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    • Proposed as answer by Terence Yu Wednesday, July 20, 2011 5:53 AM
    • Marked as answer by Terence Yu Wednesday, July 27, 2011 12:53 AM
    Wednesday, July 20, 2011 12:59 AM
  • Hi
      
    According to your log:
       Send connector: MSW-DMZ (IP: 172.20.0.1:1318)
       MIMEsweeper: 172.20.0.10:25
       2011-07-19T13:25:45.844Z,
       MSW-DMZ,
       08CE142E80243527,16,
       172.20.0.1:1318,172.20.0.10:25,
       <,550 5.7.1 Unknown recipient <
    andrew@test.com> was submitted by host <172.20.0.1>. Sender address was <Administrator@mydomain>.,
       “<” indicates that’s an Receive event from MIMEsweeper server,.
       so it seems that MIMEsweeper has certain recipient filtering/checking-related relevant function.  
       I also find similar case about MIMEsweeper.
      
    http://social.technet.microsoft.com/Forums/en-CA/exchangesvrtransport/thread/1046de0f-a6e8-41a0-8177-3878d153b3b9
       The Mimesweeper relaying to the wrong IP address

    • Marked as answer by Terence Yu Wednesday, July 27, 2011 12:53 AM
    Wednesday, July 20, 2011 7:18 AM

All replies

  • Hi,

    Your Exchnage server configuration sounds OK. You are sure that it is not the MimeSweeper server that refuses to accept the mail because it doesn't know what to do with it?

    If you enable SMTP logging on the send connector you can tell from the logfile if that is the case

     

    Leif

    Tuesday, July 19, 2011 11:45 AM
  • Leif,

    Please find below the SMTP log:

    2011-07-19T13:25:45.766Z,MSW-DMZ,08CE142E80243527,0,,172.20.0.10:25,*,,attempting to connect
    2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,1,172.20.0.1:1318,172.20.0.10:25,+,,2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,2,172.20.0.1:1318,172.20.0.10:25,<,220 SMTP Relay,
    2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,3,172.20.0.1:1318,172.20.0.10:25,>,EHLO srv-exch.mydomain,
    2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,4,172.20.0.1:1318,172.20.0.10:25,<,250-mydomain,
    2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,5,172.20.0.1:1318,172.20.0.10:25,<,250-SIZE 0,
    2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,6,172.20.0.1:1318,172.20.0.10:25,<,250-ETRN,
    2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,7,172.20.0.1:1318,172.20.0.10:25,<,250-ENHANCEDSTATUSCODES,
    2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,8,172.20.0.1:1318,172.20.0.10:25,<,250-DSN,
    2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,9,172.20.0.1:1318,172.20.0.10:25,<,250-VRFY,
    2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,10,172.20.0.1:1318,172.20.0.10:25,<,250-AUTH ,
    2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,11,172.20.0.1:1318,172.20.0.10:25,<,250 8BITMIME,
    2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,12,172.20.0.1:1318,172.20.0.10:25,*,4,sending message
    2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,13,172.20.0.1:1318,172.20.0.10:25,>,MAIL FROM:<Administrator@mydomain> SIZE=3374,
    2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,14,172.20.0.1:1318,172.20.0.10:25,<,250 2.0.0 Administrator@mydomain OK,
    2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,15,172.20.0.1:1318,172.20.0.10:25,>,RCPT TO:<andrew@test.com>,
    2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,16,172.20.0.1:1318,172.20.0.10:25,<,550 5.7.1 Unknown recipient <andrew@test.com> was submitted by host <172.20.0.1>. Sender address was <Administrator@mydomain>.,
    2011-07-19T13:25:45.907Z,MSW-DMZ,08CE142E80243527,17,172.20.0.1:1318,172.20.0.10:25,>,QUIT,
    2011-07-19T13:25:45.907Z,MSW-DMZ,08CE142E80243527,18,172.20.0.1:1318,172.20.0.10:25,<,221 2.0.0 mydomain closing,
    2011-07-19T13:25:45.907Z,MSW-DMZ,08CE142E80243527,19,172.20.0.1:1318,172.20.0.10:25,-,,Local

    Tuesday, July 19, 2011 1:36 PM
  • On Tue, 19 Jul 2011 13:36:42 +0000, ahughes76 wrote:
     
     
    >2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,15,172.20.0.1:1318,172.20.0.10:25,>,RCPT TO:<andrew@test.com>,
    >2011-07-19T13:25:45.844Z,MSW-DMZ,08CE142E80243527,16,172.20.0.1:1318,172.20.0.10:25,<,550 5.7.1 Unknown recipient <andrew@test.com> was submitted by host <172.20.0.1>. Sender address was <Administrator@mydomain>.,
     
     
    Is 172.20.0.1 your Exchange server? Is 172.20.0.10 your MimeSweeper
    machine? If so, 172.20.0.10 is returning the 550 status and Exchange
    just reports the problem to the sender. The message certainly won't be
    sent by Exchange if the receiving server returns an error status code
    to the only RCPT TO address.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    • Proposed as answer by Terence Yu Wednesday, July 20, 2011 5:53 AM
    • Marked as answer by Terence Yu Wednesday, July 27, 2011 12:53 AM
    Wednesday, July 20, 2011 12:59 AM
  • Hi
      
    According to your log:
       Send connector: MSW-DMZ (IP: 172.20.0.1:1318)
       MIMEsweeper: 172.20.0.10:25
       2011-07-19T13:25:45.844Z,
       MSW-DMZ,
       08CE142E80243527,16,
       172.20.0.1:1318,172.20.0.10:25,
       <,550 5.7.1 Unknown recipient <
    andrew@test.com> was submitted by host <172.20.0.1>. Sender address was <Administrator@mydomain>.,
       “<” indicates that’s an Receive event from MIMEsweeper server,.
       so it seems that MIMEsweeper has certain recipient filtering/checking-related relevant function.  
       I also find similar case about MIMEsweeper.
      
    http://social.technet.microsoft.com/Forums/en-CA/exchangesvrtransport/thread/1046de0f-a6e8-41a0-8177-3878d153b3b9
       The Mimesweeper relaying to the wrong IP address

    • Marked as answer by Terence Yu Wednesday, July 27, 2011 12:53 AM
    Wednesday, July 20, 2011 7:18 AM