Telstar-Networks
asked on
Exchange 07 bounces one domain even after BypassedSenderDomain list
I have an x64 box running Exchange 07. In front of it I have a spam server running MailScanner off Ubuntu. Typically when the linux server bounces something and I add it to the white list, when it tries to relay to Exchange, Exchange then bounces it back to the spam server. Whenever this has happened in the past, I simply added the mail servers coming in on that bouncing domain (it comes in blocks of entire domains, for all intents and purposes here) to the BypassedSenderDomains list and then it went through fine.
Now I have found one domain that this doesn't work on. The incoming mail, I see when I grep for the domain in the mail.log, is bouncing off of at least 5 different servers, usually 3-4 per email before it gets to the spam filter. The filter then white lists and passes to Exchange, but even though I have added all 5 servers to the BypassedSenderDomains list, Exchange continues to bounce these messages back to spam.
Anyone have an idea? I'm fresh out and could use a hand.
Now I have found one domain that this doesn't work on. The incoming mail, I see when I grep for the domain in the mail.log, is bouncing off of at least 5 different servers, usually 3-4 per email before it gets to the spam filter. The filter then white lists and passes to Exchange, but even though I have added all 5 servers to the BypassedSenderDomains list, Exchange continues to bounce these messages back to spam.
Anyone have an idea? I'm fresh out and could use a hand.
is this being bounced by your spam box or exchange server..... do you have the antispam agents running on your EX server?
ASKER
I'm not certain what exactly it is failing on. I do have anti-spam running, but since I had the same issue with all other domains added to BypassedSenderDomains, I'm not sure why this isn't working. I set sender ID to allow the mail to go through with a stamp, but am waiting for a test to happen. It is most assuredly the Exchange server that is bouncing, not the spam box in front of it. I would like to get a copy of the bounced but they never show up. Checking DNS stuff, it returns that the guy who set this box up apparently never set it to allow null senders, which (if I recall correctly) are used exclusively for error messages on bounce. Any able to direct me to where I can enable that? I inherited this machine and am not terribly well versed with Exchange.
have you tried disabling your spam agents on exchange, then testing
ASKER
The only one with any actual config done, other than sender ID which I set to stamp and continue processing (still waiting for test), is Sender Rep. Which shouldn't have anything to do with it. I'm not entirely sure what this domain's setup is who we can't receive mail from, but initial connection starts with webmail.problemdomain.com,
you never know, you can always enable it back.......
and you dont have an ndr ?
ASKER
That's true. It will be my next step should setting sender ID to stamp and continue fails.
No ndr either. Once Exchange bounces it back to the spam box, it basically disappears. Like I said, I don't really know why this happens. The best I can figure is because null recipient isn't working properly, though I can't find where to enable it. Though, on the odd side, failures internal to the domain return errors, so it is possible it has something to do with the spam box why outside senders aren't returned errors.
No ndr either. Once Exchange bounces it back to the spam box, it basically disappears. Like I said, I don't really know why this happens. The best I can figure is because null recipient isn't working properly, though I can't find where to enable it. Though, on the odd side, failures internal to the domain return errors, so it is possible it has something to do with the spam box why outside senders aren't returned errors.
ASKER
Well that did not work, but the error I can grep changed from unable to relay, to External Client does not have permissions to submit to this server. (550 5.7.1).
In minimal research, it seems that there is an issue with the ms-exch-smtp-submit permission, but checking under server config and hub transport, default, then permission groups, anonymous users is checked.
In minimal research, it seems that there is an issue with the ms-exch-smtp-submit permission, but checking under server config and hub transport, default, then permission groups, anonymous users is checked.
that allows submission but not relay which is appears to be treating it as
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Well, the relay is technically coming from the spam box, which already has a connector set up. It works for everything but this domain. The relay setup also only allows local IP addresses.
ASKER
Well, not sure why still, but setting up an SMTP connector to it worked. Thanks for the help.
Simon.