Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1152
  • Last Modified:

How do I redirect all MX to Postini

We have been using a third party service for spam filtering, called Katharion, for about two years. I recently signed up for Postini and switched our MX records (hosted with godaddy) over to them. We use an Exchange 2003 server locally to host our email.

Here is where I need your help - For some reason, we are still receiving mail in the Katharion filters and I still see Katharion information in the headers of new mail I receive. I made the changes over 3 days ago.

Let me know what other information I can provide.
_____
Here is an example of a current email header:
Microsoft Mail Internet Headers Version 2.0
Received: from bravo.smtproutes.com ([208.70.91.151]) by scc-mx01.sccoffice.com with Microsoft SMTPSVC(6.0.3790.3959);
       Mon, 30 Mar 2009 14:58:27 -0700
Received: from bravo.smtproutes.com ([127.0.0.201])
  by bravo.smtproutes.com ([127.0.0.201])
  with SMTP via TCP; 30 Mar 2009 21:58:28 -0000
Received: (qmail 12695 invoked from network); 30 Mar 2009 21:58:27 -0000
Received: from k122.smtproutes.com ([208.70.91.122])
  by bravo.smtproutes.com ([192.168.1.151])
  with SMTP via TCP; 30 Mar 2009 21:58:27 -0000
Received: (qmail 28275 invoked from network); 30 Mar 2009 21:58:27 -0000
X-Katharion-ID: 1238450118.28276.k122 (2.2)
Received: from na3sys009amo101.postini.com ([74.125.149.35])
  by k122.smtproutes.com ([192.168.1.122])
  with ESMTP via TCP; 30 Mar 2009 21:55:14 -0000
Received: from psmtp.com (na3sys009amx208.postini.com [74.125.149.48])
      by na3sys009amo101.postini.com (Postfix) with SMTP id B8117870714
      for <waco@southwestcc.org>; Mon, 30 Mar 2009 14:54:43 -0700 (PDT)
Received: from source ([65.54.246.77]) by na3sys009amx208.postini.com ([74.125.148.10]) with SMTP;
      Mon, 30 Mar 2009 21:52:15 GMT
Received: from BAY123-W48 ([207.46.11.83]) by bay0-omc1-s5.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959);
       Mon, 30 Mar 2009 14:52:14 -0700
Message-ID: <BAY123-W489E58B3B1ED68E66CA812848D0@phx.gbl>
Content-Type: multipart/alternative;
      boundary="_e91e1dfb-fd11-40ee-b3e3-9a1c880dbbdf_"
X-Originating-IP: [67.220.161.210]
From: Waco Muse <waco_muse@hotmail.com>
To: Waco Muse <waco@southwestcc.org>
Subject: Test3
Date: Mon, 30 Mar 2009 21:52:14 +0000
Importance: Normal
MIME-Version: 1.0
X-OriginalArrivalTime: 30 Mar 2009 21:52:14.0752 (UTC) FILETIME=[C992FA00:01C9B181]
X-pstn-neptune: 0/0/0.00/0
X-pstn-levels:     (S:70.83468/99.90000 CV: 0.5039 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:97.0282 C:98.6951 )
X-pstn-settings: 2 (0.5000:0.5000) s CV gt3 gt2 gt1
X-pstn-addresses: from <waco_muse@hotmail.com> [db-null]
Return-Path: waco_muse@hotmail.com
X-TM-AS-Product-Ver: SMEX-7.0.0.1499-5.6.1016-16550.005
X-TM-AS-Result: Yes-14.600300-4.000000-31

--_e91e1dfb-fd11-40ee-b3e3-9a1c880dbbdf_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

--_e91e1dfb-fd11-40ee-b3e3-9a1c880dbbdf_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable


--_e91e1dfb-fd11-40ee-b3e3-9a1c880dbbdf_--
0
waco_muse
Asked:
waco_muse
  • 4
  • 2
1 Solution
 
waco_museAuthor Commented:
I should add that I see the daily spam reports from Katharion in the Postini User Quarantine, and the daily spam reports from Postini in the Katharion filters.

I have all spam reports from Postini directed to my mailbox for now. Some of them are getting through, but the others are getting stuck in the Katharion filter.

Crazy!
0
 
KaffiendCommented:
It appears that you have several MX records, two of which look like they are not Postini's servers.  Check again at GoDaddy.  (Are you sure they are your DNS hosts?)

(Take a look for yourself at mxtoolbox.com)


mxrecordsMar301146pm.JPG
0
 
waco_museAuthor Commented:
Godaddy *should* be the only DNS host we have. However; you did catch something. Apparently I was tired and hit CTRL-V without paying attention. I'll make the correct changes to this and see if that helps.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
waco_museAuthor Commented:
I've ensured that all MX records on godaddy are properly set up; and running a check on mxtoolbox shows only Postini MX records. Yet - I am still receiving some email, already scanned by Postini, in the Katharion spam filters. I don't get it.

Does anyone have an idea where I should be checking next?

Thanks!

Here's a copy of a recent header. I released this from the Katharion filter:
Microsoft Mail Internet Headers Version 2.0
Received: from k074.smtproutes.com ([208.70.89.174]) by scc-mx01.sccoffice.com with Microsoft SMTPSVC(6.0.3790.3959);
       Tue, 31 Mar 2009 17:08:00 -0700
Received: (qmail 4787 invoked by uid 48); 31 Mar 2009 21:53:48 -0000
Received: from k080.smtproutes.com ([208.70.88.180])
  by k074.smtproutes.com ([192.168.2.174])
  with ESMTP via TCP; 31 Mar 2009 20:03:17 -0000
X-Katharion-ID: 1238537842.25014.k080 (1.9)
Received: from psmtp.com ([74.125.149.149])
  by k080.smtproutes.com ([192.168.2.180])
  with SMTP via TCP; 31 Mar 2009 22:17:17 -0000
Received: from source ([209.66.113.62]) by na3sys009amx265.postini.com ([74.125.148.10]) with SMTP;
      Tue, 31 Mar 2009 22:17:17 GMT
DKIM-Signature: v=1; a=rsa-sha1; d=vresp.com; s=dkim; c=simple/simple;
      q=dns/txt; i=@vresp.com; t=1238537837;
      h=From:Subject:Date:To:MIME-Version:Content-Type;
      bh=ZhTzakjrRBO2fsvfPFWWYEOfEnY=;
      b=bKR16vOg23agVVZTY8JlGD7KDeWzPX/MeI9+ThVkgsBpmIogeh8+tm9qFVBn7PV6
      Vh/JBRRPSvxOB+5f1bcHFTgaWaeXS8Z9VEF2NbZaqGBYUtWQ8q/UpveTIKN+G3HR
      nMX5ZEHcApVXKK6RZzDFyFeuxYt/4tReWtOtthMx4nE=;
DomainKey-Signature: q=dns; a=rsa-sha1; c=nofws;
      s=mkt; d=vresp.com;
      h=Received:From:Reply-To:To:Subject:Date:Message-ID:List-Unsubscribe:MIME-Version:X-Company_ID:X-CTS-Enabled:X-Campaign:Content-Type;
      b=k9AcfwqflnfdR/l1R0iek/dQ2u43zk2OPRuxpLDe7M7qR80DBNLhbgSwMkDdDEhX
      JPPlizg5Yn4ZNDJ1stGUdpAHDtcsEniXZaybsXMgijYbIMoII5mtgQQLeZLWM4iP
      z/6qElTOWCV6SRvrEb3uQGSvfbttLFB/b0xcH7ZnYi0=
Received: from [10.4.7.56] ([10.4.7.56:44376] helo=mailer02.sf.verticalresponse.com)
      by hollister.sf.verticalresponse.com (envelope-from <bounces-acf163775b-205ed54eb0@b.cts.vresp.com>)
      (ecelerity 2.2.2.39 r(29395/29396)) with ESMTP
      id BF/4D-11183-C6692D94; Tue, 31 Mar 2009 15:17:17 -0700
From: "Amazon Web Services" <Amazon_Web_Services@mail.vresp.com>
Reply-To: "Amazon Web Services" <reply-acf163775b-205ed54eb0-d2b2@u.cts.vresp.com>
To: (removed)@southwestcc.org
Subject: Celebrating 3 Years of Amazon S3 with 3 Months of Transfer-In for 3 Cents/GB
Date: Tue, 31 Mar 2009 22:17:16 +0000
Message-ID: <acf163775b-(removed)=southwestcc.org@mail.vresp.com>
List-Unsubscribe: <mailto:reply-acf163775b-205ed54eb0-d2b2@u.cts.vresp.com?subject=unsubscribe>
MIME-Version: 1.0
X-Company_ID: 95876
X-CTS-Enabled: acf163775b-205ed54eb0
X-Campaign: acf163775b
Content-Type: multipart/alternative;
    boundary="__________MIMEboundary__________";
    charset="UTF-8"
X-pstn-neptune: 94/13/0.14/62
X-pstn-levels:     (S: 1.80395/99.90000 CV: 2.7429 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:92.9258 C:99.5902 )
X-pstn-settings: 3 (1.0000:1.0000) s CV gt3 gt2 gt1 p m c
X-pstn-addresses: from <Amazon_Web_Services@mail.vresp.com> [75/4]
Return-Path: bounces-acf163775b-205ed54eb0@b.cts.vresp.com
X-OriginalArrivalTime: 01 Apr 2009 00:08:00.0322 (UTC) FILETIME=[EB201220:01C9B25D]
X-TM-AS-Product-Ver: SMEX-7.0.0.1499-5.6.1016-16552.004
X-TM-AS-Result: No--28.586700-4.000000-31

--__________MIMEboundary__________
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

--__________MIMEboundary__________
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable


--__________MIMEboundary__________--
0
 
KaffiendCommented:
I think the next step is to check your settings at Postini.

Looks like mail for your domain is going to Postini first, and then they (Postini) are forwarding that mail to the old spam filtering service, which then gets the mail to your server.

BTW, is your firewall and Exchange set up to receive mail from the Postini servers?
0
 
waco_museAuthor Commented:
Well, I finally found the problem. There was an incorrect entry in Postini's "Delivery Mgr" I'm sure it's something I put there... and forgot to change.

Thanks for your help!
0

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now