Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Outgoing email to SBC being blocked, reverse DNS issue

Posted on 2008-10-02
15
Medium Priority
?
803 Views
Last Modified: 2012-06-27
I have a Barracuda Spam Firewall, and an Exchange 2000 Server behing a PIX Firewall.   We have been experiencing issues with being blocked by SBC, so outgoing email is rejected.  

Mail.ourdomain.com resolved to the Barracuda, but the Exchange Server has another IP.  Because of this, reverse DNS is not working properly, and we believe this is why we get rejected.   Outgoing email is forwarded back out the Barracuda.  

The PIX is not able to forward the SMTP port on the Exchange IP to the Barracuda (outdated firmware which client does not want to pay to upgrade).

I have been struggling to come up with a solution for this.  Does anyone know how I can fix this?  
0
Comment
Question by:James Glaubiger
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
15 Comments
 
LVL 7

Expert Comment

by:bcrosby007
ID: 22626282
You have to have a route from the Firewall to the exchange server. You can open the SMTP port and route all smtp traffic to the Exchange.
I am not familiar with the barracuda firewall...
0
 
LVL 7

Author Comment

by:James Glaubiger
ID: 22626350
*Incoming Email*     WAN -> PIX -> Barracuda (Spam Filtering) -> Exchange

*Outgoing Email* Exchange -> Barracuda -> PIX -> WAN

The issue seems to be that Exchange puts its WAN IP into the email header, but DNS shows mail.ourdomain.com pointing to the Barracuda WAN IP.  So reverse DNS issnt working, and we get marked as Spam.
0
 
LVL 7

Expert Comment

by:bcrosby007
ID: 22626404
Can you change your MX to your Pix and route smtp from your pix to your barracuda then from your barracuda to your exchange?
0
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

 
LVL 7

Author Comment

by:James Glaubiger
ID: 22627433
The Exchange would still put in its IP address on outgoing email and cause the issue.   How do people usually have this setup for reverse DNS to work with a Barracuda?
0
 
LVL 7

Accepted Solution

by:
bcrosby007 earned 1000 total points
ID: 22632661
Did you create a PTR dns record for your mail server?
http://searchexchange.techtarget.com/tip/0,289483,sid43_gci1255179,00.html 
0
 
LVL 7

Expert Comment

by:bcrosby007
ID: 22632674
You will probably have to use the Barracuda Public IP as the PTR.
0
 
LVL 7

Author Comment

by:James Glaubiger
ID: 22635607
Ok, this looks promising since I do not see our PTR record.   I will make the suggested changes and monitor the issue a bit.  I will post back with my results.

thanks
0
 
LVL 1

Assisted Solution

by:DiabloPubs
DiabloPubs earned 1000 total points
ID: 22664844
I have a similar setup with a Barracuda Spam Firewall 200 sitting behind our router and before our email server.  I had some issues a few months ago with our users sending emails to AOL email addresses.  We had to configure the PTR record to point to our email server's public IP and not the Barracuda's IP.
0
 
LVL 7

Author Comment

by:James Glaubiger
ID: 22665216
So who is correct?   :)
0
 
LVL 7

Expert Comment

by:bcrosby007
ID: 22668056
Use the Exchange Server's IP first. A PTR can always be changed if needed!
0
 
LVL 1

Expert Comment

by:DiabloPubs
ID: 23142782
Any chance I can get some partial credit for reaffirming the fact that the email server's IP, not the Barracuda, should be associated with the PTR record?
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
This video discusses moving either the default database or any database to a new volume.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question