Can't send mail to user on new backend Server 2019 due to SPF failures? RRS feed

  • Question

  • Firstly sorry if the header doesn't describe the issue correctly, and also if this is long, I try to put as much detail into these things as possible.

    I have had a working Exchange 2013 (A) on=premises setup for the last five years, and have now purchased a new server (B) and installed 2019 on it, I obviously want to ensure it's working before I decommission the 2013 box.

    Ultimately it will send and receive emails directly via the spam filter appliances, as (A) does currently, but at the moment, it's running as a back-end device serviced by (A) until it's ready to replace (A) completely.

    I moved a single mailbox from (A) to (B) and can access it via OWA and Outlook, I can send email OUT no problem and replies from my gmail account apparently work fine, but if I email (B)user from someone internally on (A) it arrives, but replies fail.

    *edit* Sorry, I miss-wrote this bit.

    "but if I email (B)user from someone internally on (A) it arrives, but replies fail."

    It should read "but if I email an (A)user from B(user) it arrives, but replies fail back to B(user)."

    Subject: Test 3 
    This message hasn't been delivered yet. Delivery will continue to be attempted.
    The server will keep trying to deliver this message for the next 1 days, 19 hours and 57 minutes. You'll be notified if the message can't be delivered by that time.
    Diagnostic information for administrators:
    Generating server: (A)
    Remote Server returned '400 4.4.7 Message delayed'

    Also, if I email from my personal domain email address to (B)user I get additional information to the above:

    Received-SPF: fail ( (A).internal.domain: domain of does not designates 192.168.x.x as permitted sender) client-ip=192.168.x.x
    Authentication-Results: (A).internal.domain;

    192.168.x.x is the internal IP address of our mail-filter appliance that then continues transmission to (A).

    I will cross-post this to Exchange Server 2016 - Mail Flow and Secure Messaging, as 2019 doesn't have specific sub-forums yet.



    Tuesday, September 17, 2019 8:24 AM

All replies

  • Hi

    I removed your duplicate post in the 2016 section.

    Hope this helps. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Tuesday, September 17, 2019 8:38 AM
  • Hello,

    if your internal domain is and your email is the same (split dns) could you build an internal SPF record in your internal dns ?

    including your internal ip ?


    Tuesday, September 17, 2019 8:47 AM
  • The AD domain dates back to Server 2000 so is a "domain.local", so doesn't match the external FQDN, but OWA/ECP etc all point to the external FQDN which there is an entry in the local DNS server pointing to the internal IP address, and resolves as such when pinged.
    Tuesday, September 17, 2019 10:58 AM
  • Hi Stuart,

    It seems that your personal account failed to pass the SPF check, since you could reply from your GMail account, I am afraid that we should check your personal domain's the SPF record rather than your Exchange server's.

    Anyway, let's focus on the issue that Exchange 2019 mailbox cannot reply an email sending from Exchange 2013.

    Considering that you have received a NDR saying that the message was delayed, we could troubleshooting the issue via the steps below:

    1. Analyse the message header in ExRCA and send the result here.

    2. Search the message tracking log via the command below:

    Get-ExchangeServer | where {$_.isHubTransportServer -eq $true -or $_.isMailboxServer -eq $true} | Get-MessageTrackingLog -Recipient "recipient address" -MessageSubject "the problematic message’s subject" | select *time*, source, EventID, sender, @{Name="recipients";Expression={$_.recipients -join " "}},MessageSubject, ClientHostname, ServerHostname, SourceContext, MessageID | Sort-Object -Property Timestamp 

    Look forward to your reply.


    Manu Meng

    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact

    Wednesday, September 18, 2019 8:55 AM
  • Just checking in to see if above information was helpful. Please let us know if you would like further assistance.


    Manu Meng

    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact

    Monday, September 23, 2019 9:49 AM