• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 625
  • Last Modified:

Exchange 07 bounces one domain even after BypassedSenderDomain list

I have an x64 box running Exchange 07.  In front of it I have a spam server running MailScanner off Ubuntu.  Typically when the linux server bounces something and I add it to the white list, when it tries to relay to Exchange, Exchange then bounces it back to the spam server.  Whenever this has happened in the past, I simply added the mail servers coming in on that bouncing domain (it comes in blocks of entire domains, for all intents and purposes here) to the BypassedSenderDomains list and then it went through fine.  

Now I have found one domain that this doesn't work on.  The incoming mail, I see when I grep for the domain in the mail.log, is bouncing off of at least 5 different servers, usually 3-4 per email before it gets to the spam filter.  The filter then white lists and passes to Exchange, but even though I have added all 5 servers to the BypassedSenderDomains list, Exchange continues to bounce these messages back to spam.

Anyone have an idea?  I'm fresh out and could use a hand.
0
Telstar-Networks
Asked:
Telstar-Networks
  • 6
  • 6
1 Solution
 
SembeeCommented:
What is bouncing the messages on? Which test is it failing on?

Simon.
0
 
ATIGCommented:
is this being bounced by your spam box or exchange server..... do you have the antispam agents running on your EX server?
0
 
Telstar-NetworksAuthor Commented:
I'm not certain what exactly it is failing on.  I do have anti-spam running, but since I had the same issue with all other domains added to BypassedSenderDomains, I'm not sure why this isn't working.  I set sender ID to allow the mail to go through with a stamp, but am waiting for a test to happen.  It is most assuredly the Exchange server that is bouncing, not the spam box in front of it.  I would like to get a copy of the bounced but they never show up.  Checking DNS stuff, it returns that the guy who set this box up apparently never set it to allow null senders, which (if I recall correctly) are used exclusively for error messages on bounce.  Any able to direct me to where I can enable that?  I inherited this machine and am not terribly well versed with Exchange.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
ATIGCommented:
have you tried disabling your spam agents on exchange, then testing
0
 
Telstar-NetworksAuthor Commented:
The only one with any actual config done, other than sender ID which I set to stamp and continue processing (still waiting for test), is Sender Rep.  Which shouldn't have anything to do with it.  I'm not entirely sure what this domain's setup is who we can't receive mail from, but initial connection starts with webmail.problemdomain.com, goes to problemdomain03.com, then to 1 of 3 other servers (which all end in .net instead of .com).   Obviously Exchange is not liking this, but the Sender Rep would only flag it as spam and act accordingly.  I currently have it set up to forward all flagged spam to a quarantine box which has no email showing up at all from problemdomain.com
0
 
ATIGCommented:
you never know, you can always enable it back.......
0
 
ATIGCommented:
and you dont have an ndr ?
0
 
Telstar-NetworksAuthor Commented:
That's true.  It will be my next step should setting sender ID to stamp and continue fails.  

No ndr either.  Once Exchange bounces it back to the spam box, it basically disappears.  Like I said, I don't really know why this happens.  The best I can figure is because null recipient isn't working properly, though I can't find where to enable it.  Though, on the odd side, failures internal to the domain return errors, so it is possible it has something to do with the spam box why outside senders aren't returned errors.
0
 
Telstar-NetworksAuthor Commented:
Well that did not work, but the error I can grep changed from unable to relay, to External Client does not have permissions to submit to this server.  (550 5.7.1).

In minimal research, it seems that there is an issue with the ms-exch-smtp-submit permission, but checking under server config and hub transport, default, then permission groups, anonymous users is checked.
0
 
ATIGCommented:
that allows submission but not relay which is appears to be treating it as
0
 
Telstar-NetworksAuthor Commented:
Well, the relay is technically coming from the spam box, which already has a connector set up.  It works for everything but this domain.  The relay setup also only allows local IP addresses.
0
 
Telstar-NetworksAuthor Commented:
Well, not sure why still, but setting up an SMTP connector to it worked.  Thanks for the help.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 6
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now