Solved

How do I redirect all MX to Postini

Posted on 2009-03-30
6
1,122 Views
Last Modified: 2013-12-26
We have been using a third party service for spam filtering, called Katharion, for about two years. I recently signed up for Postini and switched our MX records (hosted with godaddy) over to them. We use an Exchange 2003 server locally to host our email.

Here is where I need your help - For some reason, we are still receiving mail in the Katharion filters and I still see Katharion information in the headers of new mail I receive. I made the changes over 3 days ago.

Let me know what other information I can provide.
_____
Here is an example of a current email header:
Microsoft Mail Internet Headers Version 2.0
Received: from bravo.smtproutes.com ([208.70.91.151]) by scc-mx01.sccoffice.com with Microsoft SMTPSVC(6.0.3790.3959);
       Mon, 30 Mar 2009 14:58:27 -0700
Received: from bravo.smtproutes.com ([127.0.0.201])
  by bravo.smtproutes.com ([127.0.0.201])
  with SMTP via TCP; 30 Mar 2009 21:58:28 -0000
Received: (qmail 12695 invoked from network); 30 Mar 2009 21:58:27 -0000
Received: from k122.smtproutes.com ([208.70.91.122])
  by bravo.smtproutes.com ([192.168.1.151])
  with SMTP via TCP; 30 Mar 2009 21:58:27 -0000
Received: (qmail 28275 invoked from network); 30 Mar 2009 21:58:27 -0000
X-Katharion-ID: 1238450118.28276.k122 (2.2)
Received: from na3sys009amo101.postini.com ([74.125.149.35])
  by k122.smtproutes.com ([192.168.1.122])
  with ESMTP via TCP; 30 Mar 2009 21:55:14 -0000
Received: from psmtp.com (na3sys009amx208.postini.com [74.125.149.48])
      by na3sys009amo101.postini.com (Postfix) with SMTP id B8117870714
      for <waco@southwestcc.org>; Mon, 30 Mar 2009 14:54:43 -0700 (PDT)
Received: from source ([65.54.246.77]) by na3sys009amx208.postini.com ([74.125.148.10]) with SMTP;
      Mon, 30 Mar 2009 21:52:15 GMT
Received: from BAY123-W48 ([207.46.11.83]) by bay0-omc1-s5.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959);
       Mon, 30 Mar 2009 14:52:14 -0700
Message-ID: <BAY123-W489E58B3B1ED68E66CA812848D0@phx.gbl>
Content-Type: multipart/alternative;
      boundary="_e91e1dfb-fd11-40ee-b3e3-9a1c880dbbdf_"
X-Originating-IP: [67.220.161.210]
From: Waco Muse <waco_muse@hotmail.com>
To: Waco Muse <waco@southwestcc.org>
Subject: Test3
Date: Mon, 30 Mar 2009 21:52:14 +0000
Importance: Normal
MIME-Version: 1.0
X-OriginalArrivalTime: 30 Mar 2009 21:52:14.0752 (UTC) FILETIME=[C992FA00:01C9B181]
X-pstn-neptune: 0/0/0.00/0
X-pstn-levels:     (S:70.83468/99.90000 CV: 0.5039 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:97.0282 C:98.6951 )
X-pstn-settings: 2 (0.5000:0.5000) s CV gt3 gt2 gt1
X-pstn-addresses: from <waco_muse@hotmail.com> [db-null]
Return-Path: waco_muse@hotmail.com
X-TM-AS-Product-Ver: SMEX-7.0.0.1499-5.6.1016-16550.005
X-TM-AS-Result: Yes-14.600300-4.000000-31

--_e91e1dfb-fd11-40ee-b3e3-9a1c880dbbdf_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

--_e91e1dfb-fd11-40ee-b3e3-9a1c880dbbdf_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable


--_e91e1dfb-fd11-40ee-b3e3-9a1c880dbbdf_--
0
Comment
Question by:waco_muse
  • 4
  • 2
6 Comments
 

Author Comment

by:waco_muse
ID: 24024218
I should add that I see the daily spam reports from Katharion in the Postini User Quarantine, and the daily spam reports from Postini in the Katharion filters.

I have all spam reports from Postini directed to my mailbox for now. Some of them are getting through, but the others are getting stuck in the Katharion filter.

Crazy!
0
 
LVL 14

Expert Comment

by:Kaffiend
ID: 24026235
It appears that you have several MX records, two of which look like they are not Postini's servers.  Check again at GoDaddy.  (Are you sure they are your DNS hosts?)

(Take a look for yourself at mxtoolbox.com)


mxrecordsMar301146pm.JPG
0
 

Author Comment

by:waco_muse
ID: 24030516
Godaddy *should* be the only DNS host we have. However; you did catch something. Apparently I was tired and hit CTRL-V without paying attention. I'll make the correct changes to this and see if that helps.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:waco_muse
ID: 24035039
I've ensured that all MX records on godaddy are properly set up; and running a check on mxtoolbox shows only Postini MX records. Yet - I am still receiving some email, already scanned by Postini, in the Katharion spam filters. I don't get it.

Does anyone have an idea where I should be checking next?

Thanks!

Here's a copy of a recent header. I released this from the Katharion filter:
Microsoft Mail Internet Headers Version 2.0
Received: from k074.smtproutes.com ([208.70.89.174]) by scc-mx01.sccoffice.com with Microsoft SMTPSVC(6.0.3790.3959);
       Tue, 31 Mar 2009 17:08:00 -0700
Received: (qmail 4787 invoked by uid 48); 31 Mar 2009 21:53:48 -0000
Received: from k080.smtproutes.com ([208.70.88.180])
  by k074.smtproutes.com ([192.168.2.174])
  with ESMTP via TCP; 31 Mar 2009 20:03:17 -0000
X-Katharion-ID: 1238537842.25014.k080 (1.9)
Received: from psmtp.com ([74.125.149.149])
  by k080.smtproutes.com ([192.168.2.180])
  with SMTP via TCP; 31 Mar 2009 22:17:17 -0000
Received: from source ([209.66.113.62]) by na3sys009amx265.postini.com ([74.125.148.10]) with SMTP;
      Tue, 31 Mar 2009 22:17:17 GMT
DKIM-Signature: v=1; a=rsa-sha1; d=vresp.com; s=dkim; c=simple/simple;
      q=dns/txt; i=@vresp.com; t=1238537837;
      h=From:Subject:Date:To:MIME-Version:Content-Type;
      bh=ZhTzakjrRBO2fsvfPFWWYEOfEnY=;
      b=bKR16vOg23agVVZTY8JlGD7KDeWzPX/MeI9+ThVkgsBpmIogeh8+tm9qFVBn7PV6
      Vh/JBRRPSvxOB+5f1bcHFTgaWaeXS8Z9VEF2NbZaqGBYUtWQ8q/UpveTIKN+G3HR
      nMX5ZEHcApVXKK6RZzDFyFeuxYt/4tReWtOtthMx4nE=;
DomainKey-Signature: q=dns; a=rsa-sha1; c=nofws;
      s=mkt; d=vresp.com;
      h=Received:From:Reply-To:To:Subject:Date:Message-ID:List-Unsubscribe:MIME-Version:X-Company_ID:X-CTS-Enabled:X-Campaign:Content-Type;
      b=k9AcfwqflnfdR/l1R0iek/dQ2u43zk2OPRuxpLDe7M7qR80DBNLhbgSwMkDdDEhX
      JPPlizg5Yn4ZNDJ1stGUdpAHDtcsEniXZaybsXMgijYbIMoII5mtgQQLeZLWM4iP
      z/6qElTOWCV6SRvrEb3uQGSvfbttLFB/b0xcH7ZnYi0=
Received: from [10.4.7.56] ([10.4.7.56:44376] helo=mailer02.sf.verticalresponse.com)
      by hollister.sf.verticalresponse.com (envelope-from <bounces-acf163775b-205ed54eb0@b.cts.vresp.com>)
      (ecelerity 2.2.2.39 r(29395/29396)) with ESMTP
      id BF/4D-11183-C6692D94; Tue, 31 Mar 2009 15:17:17 -0700
From: "Amazon Web Services" <Amazon_Web_Services@mail.vresp.com>
Reply-To: "Amazon Web Services" <reply-acf163775b-205ed54eb0-d2b2@u.cts.vresp.com>
To: (removed)@southwestcc.org
Subject: Celebrating 3 Years of Amazon S3 with 3 Months of Transfer-In for 3 Cents/GB
Date: Tue, 31 Mar 2009 22:17:16 +0000
Message-ID: <acf163775b-(removed)=southwestcc.org@mail.vresp.com>
List-Unsubscribe: <mailto:reply-acf163775b-205ed54eb0-d2b2@u.cts.vresp.com?subject=unsubscribe>
MIME-Version: 1.0
X-Company_ID: 95876
X-CTS-Enabled: acf163775b-205ed54eb0
X-Campaign: acf163775b
Content-Type: multipart/alternative;
    boundary="__________MIMEboundary__________";
    charset="UTF-8"
X-pstn-neptune: 94/13/0.14/62
X-pstn-levels:     (S: 1.80395/99.90000 CV: 2.7429 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:92.9258 C:99.5902 )
X-pstn-settings: 3 (1.0000:1.0000) s CV gt3 gt2 gt1 p m c
X-pstn-addresses: from <Amazon_Web_Services@mail.vresp.com> [75/4]
Return-Path: bounces-acf163775b-205ed54eb0@b.cts.vresp.com
X-OriginalArrivalTime: 01 Apr 2009 00:08:00.0322 (UTC) FILETIME=[EB201220:01C9B25D]
X-TM-AS-Product-Ver: SMEX-7.0.0.1499-5.6.1016-16552.004
X-TM-AS-Result: No--28.586700-4.000000-31

--__________MIMEboundary__________
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

--__________MIMEboundary__________
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable


--__________MIMEboundary__________--
0
 
LVL 14

Accepted Solution

by:
Kaffiend earned 500 total points
ID: 24035700
I think the next step is to check your settings at Postini.

Looks like mail for your domain is going to Postini first, and then they (Postini) are forwarding that mail to the old spam filtering service, which then gets the mail to your server.

BTW, is your firewall and Exchange set up to receive mail from the Postini servers?
0
 

Author Comment

by:waco_muse
ID: 24043827
Well, I finally found the problem. There was an incorrect entry in Postini's "Delivery Mgr" I'm sure it's something I put there... and forgot to change.

Thanks for your help!
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now