?
Solved

How do I redirect all MX to Postini

Posted on 2009-03-30
6
Medium Priority
?
1,138 Views
Last Modified: 2013-12-26
We have been using a third party service for spam filtering, called Katharion, for about two years. I recently signed up for Postini and switched our MX records (hosted with godaddy) over to them. We use an Exchange 2003 server locally to host our email.

Here is where I need your help - For some reason, we are still receiving mail in the Katharion filters and I still see Katharion information in the headers of new mail I receive. I made the changes over 3 days ago.

Let me know what other information I can provide.
_____
Here is an example of a current email header:
Microsoft Mail Internet Headers Version 2.0
Received: from bravo.smtproutes.com ([208.70.91.151]) by scc-mx01.sccoffice.com with Microsoft SMTPSVC(6.0.3790.3959);
       Mon, 30 Mar 2009 14:58:27 -0700
Received: from bravo.smtproutes.com ([127.0.0.201])
  by bravo.smtproutes.com ([127.0.0.201])
  with SMTP via TCP; 30 Mar 2009 21:58:28 -0000
Received: (qmail 12695 invoked from network); 30 Mar 2009 21:58:27 -0000
Received: from k122.smtproutes.com ([208.70.91.122])
  by bravo.smtproutes.com ([192.168.1.151])
  with SMTP via TCP; 30 Mar 2009 21:58:27 -0000
Received: (qmail 28275 invoked from network); 30 Mar 2009 21:58:27 -0000
X-Katharion-ID: 1238450118.28276.k122 (2.2)
Received: from na3sys009amo101.postini.com ([74.125.149.35])
  by k122.smtproutes.com ([192.168.1.122])
  with ESMTP via TCP; 30 Mar 2009 21:55:14 -0000
Received: from psmtp.com (na3sys009amx208.postini.com [74.125.149.48])
      by na3sys009amo101.postini.com (Postfix) with SMTP id B8117870714
      for <waco@southwestcc.org>; Mon, 30 Mar 2009 14:54:43 -0700 (PDT)
Received: from source ([65.54.246.77]) by na3sys009amx208.postini.com ([74.125.148.10]) with SMTP;
      Mon, 30 Mar 2009 21:52:15 GMT
Received: from BAY123-W48 ([207.46.11.83]) by bay0-omc1-s5.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959);
       Mon, 30 Mar 2009 14:52:14 -0700
Message-ID: <BAY123-W489E58B3B1ED68E66CA812848D0@phx.gbl>
Content-Type: multipart/alternative;
      boundary="_e91e1dfb-fd11-40ee-b3e3-9a1c880dbbdf_"
X-Originating-IP: [67.220.161.210]
From: Waco Muse <waco_muse@hotmail.com>
To: Waco Muse <waco@southwestcc.org>
Subject: Test3
Date: Mon, 30 Mar 2009 21:52:14 +0000
Importance: Normal
MIME-Version: 1.0
X-OriginalArrivalTime: 30 Mar 2009 21:52:14.0752 (UTC) FILETIME=[C992FA00:01C9B181]
X-pstn-neptune: 0/0/0.00/0
X-pstn-levels:     (S:70.83468/99.90000 CV: 0.5039 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:97.0282 C:98.6951 )
X-pstn-settings: 2 (0.5000:0.5000) s CV gt3 gt2 gt1
X-pstn-addresses: from <waco_muse@hotmail.com> [db-null]
Return-Path: waco_muse@hotmail.com
X-TM-AS-Product-Ver: SMEX-7.0.0.1499-5.6.1016-16550.005
X-TM-AS-Result: Yes-14.600300-4.000000-31

--_e91e1dfb-fd11-40ee-b3e3-9a1c880dbbdf_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

--_e91e1dfb-fd11-40ee-b3e3-9a1c880dbbdf_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable


--_e91e1dfb-fd11-40ee-b3e3-9a1c880dbbdf_--
0
Comment
Question by:waco_muse
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 

Author Comment

by:waco_muse
ID: 24024218
I should add that I see the daily spam reports from Katharion in the Postini User Quarantine, and the daily spam reports from Postini in the Katharion filters.

I have all spam reports from Postini directed to my mailbox for now. Some of them are getting through, but the others are getting stuck in the Katharion filter.

Crazy!
0
 
LVL 14

Expert Comment

by:Kaffiend
ID: 24026235
It appears that you have several MX records, two of which look like they are not Postini's servers.  Check again at GoDaddy.  (Are you sure they are your DNS hosts?)

(Take a look for yourself at mxtoolbox.com)


mxrecordsMar301146pm.JPG
0
 

Author Comment

by:waco_muse
ID: 24030516
Godaddy *should* be the only DNS host we have. However; you did catch something. Apparently I was tired and hit CTRL-V without paying attention. I'll make the correct changes to this and see if that helps.
0
Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

 

Author Comment

by:waco_muse
ID: 24035039
I've ensured that all MX records on godaddy are properly set up; and running a check on mxtoolbox shows only Postini MX records. Yet - I am still receiving some email, already scanned by Postini, in the Katharion spam filters. I don't get it.

Does anyone have an idea where I should be checking next?

Thanks!

Here's a copy of a recent header. I released this from the Katharion filter:
Microsoft Mail Internet Headers Version 2.0
Received: from k074.smtproutes.com ([208.70.89.174]) by scc-mx01.sccoffice.com with Microsoft SMTPSVC(6.0.3790.3959);
       Tue, 31 Mar 2009 17:08:00 -0700
Received: (qmail 4787 invoked by uid 48); 31 Mar 2009 21:53:48 -0000
Received: from k080.smtproutes.com ([208.70.88.180])
  by k074.smtproutes.com ([192.168.2.174])
  with ESMTP via TCP; 31 Mar 2009 20:03:17 -0000
X-Katharion-ID: 1238537842.25014.k080 (1.9)
Received: from psmtp.com ([74.125.149.149])
  by k080.smtproutes.com ([192.168.2.180])
  with SMTP via TCP; 31 Mar 2009 22:17:17 -0000
Received: from source ([209.66.113.62]) by na3sys009amx265.postini.com ([74.125.148.10]) with SMTP;
      Tue, 31 Mar 2009 22:17:17 GMT
DKIM-Signature: v=1; a=rsa-sha1; d=vresp.com; s=dkim; c=simple/simple;
      q=dns/txt; i=@vresp.com; t=1238537837;
      h=From:Subject:Date:To:MIME-Version:Content-Type;
      bh=ZhTzakjrRBO2fsvfPFWWYEOfEnY=;
      b=bKR16vOg23agVVZTY8JlGD7KDeWzPX/MeI9+ThVkgsBpmIogeh8+tm9qFVBn7PV6
      Vh/JBRRPSvxOB+5f1bcHFTgaWaeXS8Z9VEF2NbZaqGBYUtWQ8q/UpveTIKN+G3HR
      nMX5ZEHcApVXKK6RZzDFyFeuxYt/4tReWtOtthMx4nE=;
DomainKey-Signature: q=dns; a=rsa-sha1; c=nofws;
      s=mkt; d=vresp.com;
      h=Received:From:Reply-To:To:Subject:Date:Message-ID:List-Unsubscribe:MIME-Version:X-Company_ID:X-CTS-Enabled:X-Campaign:Content-Type;
      b=k9AcfwqflnfdR/l1R0iek/dQ2u43zk2OPRuxpLDe7M7qR80DBNLhbgSwMkDdDEhX
      JPPlizg5Yn4ZNDJ1stGUdpAHDtcsEniXZaybsXMgijYbIMoII5mtgQQLeZLWM4iP
      z/6qElTOWCV6SRvrEb3uQGSvfbttLFB/b0xcH7ZnYi0=
Received: from [10.4.7.56] ([10.4.7.56:44376] helo=mailer02.sf.verticalresponse.com)
      by hollister.sf.verticalresponse.com (envelope-from <bounces-acf163775b-205ed54eb0@b.cts.vresp.com>)
      (ecelerity 2.2.2.39 r(29395/29396)) with ESMTP
      id BF/4D-11183-C6692D94; Tue, 31 Mar 2009 15:17:17 -0700
From: "Amazon Web Services" <Amazon_Web_Services@mail.vresp.com>
Reply-To: "Amazon Web Services" <reply-acf163775b-205ed54eb0-d2b2@u.cts.vresp.com>
To: (removed)@southwestcc.org
Subject: Celebrating 3 Years of Amazon S3 with 3 Months of Transfer-In for 3 Cents/GB
Date: Tue, 31 Mar 2009 22:17:16 +0000
Message-ID: <acf163775b-(removed)=southwestcc.org@mail.vresp.com>
List-Unsubscribe: <mailto:reply-acf163775b-205ed54eb0-d2b2@u.cts.vresp.com?subject=unsubscribe>
MIME-Version: 1.0
X-Company_ID: 95876
X-CTS-Enabled: acf163775b-205ed54eb0
X-Campaign: acf163775b
Content-Type: multipart/alternative;
    boundary="__________MIMEboundary__________";
    charset="UTF-8"
X-pstn-neptune: 94/13/0.14/62
X-pstn-levels:     (S: 1.80395/99.90000 CV: 2.7429 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:92.9258 C:99.5902 )
X-pstn-settings: 3 (1.0000:1.0000) s CV gt3 gt2 gt1 p m c
X-pstn-addresses: from <Amazon_Web_Services@mail.vresp.com> [75/4]
Return-Path: bounces-acf163775b-205ed54eb0@b.cts.vresp.com
X-OriginalArrivalTime: 01 Apr 2009 00:08:00.0322 (UTC) FILETIME=[EB201220:01C9B25D]
X-TM-AS-Product-Ver: SMEX-7.0.0.1499-5.6.1016-16552.004
X-TM-AS-Result: No--28.586700-4.000000-31

--__________MIMEboundary__________
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

--__________MIMEboundary__________
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable


--__________MIMEboundary__________--
0
 
LVL 14

Accepted Solution

by:
Kaffiend earned 2000 total points
ID: 24035700
I think the next step is to check your settings at Postini.

Looks like mail for your domain is going to Postini first, and then they (Postini) are forwarding that mail to the old spam filtering service, which then gets the mail to your server.

BTW, is your firewall and Exchange set up to receive mail from the Postini servers?
0
 

Author Comment

by:waco_muse
ID: 24043827
Well, I finally found the problem. There was an incorrect entry in Postini's "Delivery Mgr" I'm sure it's something I put there... and forgot to change.

Thanks for your help!
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
Suggested Courses
Course of the Month13 days, 3 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question