Solved

How do I redirect all MX to Postini

Posted on 2009-03-30
6
1,117 Views
Last Modified: 2013-12-26
We have been using a third party service for spam filtering, called Katharion, for about two years. I recently signed up for Postini and switched our MX records (hosted with godaddy) over to them. We use an Exchange 2003 server locally to host our email.

Here is where I need your help - For some reason, we are still receiving mail in the Katharion filters and I still see Katharion information in the headers of new mail I receive. I made the changes over 3 days ago.

Let me know what other information I can provide.
_____
Here is an example of a current email header:
Microsoft Mail Internet Headers Version 2.0
Received: from bravo.smtproutes.com ([208.70.91.151]) by scc-mx01.sccoffice.com with Microsoft SMTPSVC(6.0.3790.3959);
       Mon, 30 Mar 2009 14:58:27 -0700
Received: from bravo.smtproutes.com ([127.0.0.201])
  by bravo.smtproutes.com ([127.0.0.201])
  with SMTP via TCP; 30 Mar 2009 21:58:28 -0000
Received: (qmail 12695 invoked from network); 30 Mar 2009 21:58:27 -0000
Received: from k122.smtproutes.com ([208.70.91.122])
  by bravo.smtproutes.com ([192.168.1.151])
  with SMTP via TCP; 30 Mar 2009 21:58:27 -0000
Received: (qmail 28275 invoked from network); 30 Mar 2009 21:58:27 -0000
X-Katharion-ID: 1238450118.28276.k122 (2.2)
Received: from na3sys009amo101.postini.com ([74.125.149.35])
  by k122.smtproutes.com ([192.168.1.122])
  with ESMTP via TCP; 30 Mar 2009 21:55:14 -0000
Received: from psmtp.com (na3sys009amx208.postini.com [74.125.149.48])
      by na3sys009amo101.postini.com (Postfix) with SMTP id B8117870714
      for <waco@southwestcc.org>; Mon, 30 Mar 2009 14:54:43 -0700 (PDT)
Received: from source ([65.54.246.77]) by na3sys009amx208.postini.com ([74.125.148.10]) with SMTP;
      Mon, 30 Mar 2009 21:52:15 GMT
Received: from BAY123-W48 ([207.46.11.83]) by bay0-omc1-s5.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959);
       Mon, 30 Mar 2009 14:52:14 -0700
Message-ID: <BAY123-W489E58B3B1ED68E66CA812848D0@phx.gbl>
Content-Type: multipart/alternative;
      boundary="_e91e1dfb-fd11-40ee-b3e3-9a1c880dbbdf_"
X-Originating-IP: [67.220.161.210]
From: Waco Muse <waco_muse@hotmail.com>
To: Waco Muse <waco@southwestcc.org>
Subject: Test3
Date: Mon, 30 Mar 2009 21:52:14 +0000
Importance: Normal
MIME-Version: 1.0
X-OriginalArrivalTime: 30 Mar 2009 21:52:14.0752 (UTC) FILETIME=[C992FA00:01C9B181]
X-pstn-neptune: 0/0/0.00/0
X-pstn-levels:     (S:70.83468/99.90000 CV: 0.5039 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:97.0282 C:98.6951 )
X-pstn-settings: 2 (0.5000:0.5000) s CV gt3 gt2 gt1
X-pstn-addresses: from <waco_muse@hotmail.com> [db-null]
Return-Path: waco_muse@hotmail.com
X-TM-AS-Product-Ver: SMEX-7.0.0.1499-5.6.1016-16550.005
X-TM-AS-Result: Yes-14.600300-4.000000-31

--_e91e1dfb-fd11-40ee-b3e3-9a1c880dbbdf_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

--_e91e1dfb-fd11-40ee-b3e3-9a1c880dbbdf_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable


--_e91e1dfb-fd11-40ee-b3e3-9a1c880dbbdf_--
0
Comment
Question by:waco_muse
  • 4
  • 2
6 Comments
 

Author Comment

by:waco_muse
ID: 24024218
I should add that I see the daily spam reports from Katharion in the Postini User Quarantine, and the daily spam reports from Postini in the Katharion filters.

I have all spam reports from Postini directed to my mailbox for now. Some of them are getting through, but the others are getting stuck in the Katharion filter.

Crazy!
0
 
LVL 14

Expert Comment

by:Kaffiend
ID: 24026235
It appears that you have several MX records, two of which look like they are not Postini's servers.  Check again at GoDaddy.  (Are you sure they are your DNS hosts?)

(Take a look for yourself at mxtoolbox.com)


mxrecordsMar301146pm.JPG
0
 

Author Comment

by:waco_muse
ID: 24030516
Godaddy *should* be the only DNS host we have. However; you did catch something. Apparently I was tired and hit CTRL-V without paying attention. I'll make the correct changes to this and see if that helps.
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:waco_muse
ID: 24035039
I've ensured that all MX records on godaddy are properly set up; and running a check on mxtoolbox shows only Postini MX records. Yet - I am still receiving some email, already scanned by Postini, in the Katharion spam filters. I don't get it.

Does anyone have an idea where I should be checking next?

Thanks!

Here's a copy of a recent header. I released this from the Katharion filter:
Microsoft Mail Internet Headers Version 2.0
Received: from k074.smtproutes.com ([208.70.89.174]) by scc-mx01.sccoffice.com with Microsoft SMTPSVC(6.0.3790.3959);
       Tue, 31 Mar 2009 17:08:00 -0700
Received: (qmail 4787 invoked by uid 48); 31 Mar 2009 21:53:48 -0000
Received: from k080.smtproutes.com ([208.70.88.180])
  by k074.smtproutes.com ([192.168.2.174])
  with ESMTP via TCP; 31 Mar 2009 20:03:17 -0000
X-Katharion-ID: 1238537842.25014.k080 (1.9)
Received: from psmtp.com ([74.125.149.149])
  by k080.smtproutes.com ([192.168.2.180])
  with SMTP via TCP; 31 Mar 2009 22:17:17 -0000
Received: from source ([209.66.113.62]) by na3sys009amx265.postini.com ([74.125.148.10]) with SMTP;
      Tue, 31 Mar 2009 22:17:17 GMT
DKIM-Signature: v=1; a=rsa-sha1; d=vresp.com; s=dkim; c=simple/simple;
      q=dns/txt; i=@vresp.com; t=1238537837;
      h=From:Subject:Date:To:MIME-Version:Content-Type;
      bh=ZhTzakjrRBO2fsvfPFWWYEOfEnY=;
      b=bKR16vOg23agVVZTY8JlGD7KDeWzPX/MeI9+ThVkgsBpmIogeh8+tm9qFVBn7PV6
      Vh/JBRRPSvxOB+5f1bcHFTgaWaeXS8Z9VEF2NbZaqGBYUtWQ8q/UpveTIKN+G3HR
      nMX5ZEHcApVXKK6RZzDFyFeuxYt/4tReWtOtthMx4nE=;
DomainKey-Signature: q=dns; a=rsa-sha1; c=nofws;
      s=mkt; d=vresp.com;
      h=Received:From:Reply-To:To:Subject:Date:Message-ID:List-Unsubscribe:MIME-Version:X-Company_ID:X-CTS-Enabled:X-Campaign:Content-Type;
      b=k9AcfwqflnfdR/l1R0iek/dQ2u43zk2OPRuxpLDe7M7qR80DBNLhbgSwMkDdDEhX
      JPPlizg5Yn4ZNDJ1stGUdpAHDtcsEniXZaybsXMgijYbIMoII5mtgQQLeZLWM4iP
      z/6qElTOWCV6SRvrEb3uQGSvfbttLFB/b0xcH7ZnYi0=
Received: from [10.4.7.56] ([10.4.7.56:44376] helo=mailer02.sf.verticalresponse.com)
      by hollister.sf.verticalresponse.com (envelope-from <bounces-acf163775b-205ed54eb0@b.cts.vresp.com>)
      (ecelerity 2.2.2.39 r(29395/29396)) with ESMTP
      id BF/4D-11183-C6692D94; Tue, 31 Mar 2009 15:17:17 -0700
From: "Amazon Web Services" <Amazon_Web_Services@mail.vresp.com>
Reply-To: "Amazon Web Services" <reply-acf163775b-205ed54eb0-d2b2@u.cts.vresp.com>
To: (removed)@southwestcc.org
Subject: Celebrating 3 Years of Amazon S3 with 3 Months of Transfer-In for 3 Cents/GB
Date: Tue, 31 Mar 2009 22:17:16 +0000
Message-ID: <acf163775b-(removed)=southwestcc.org@mail.vresp.com>
List-Unsubscribe: <mailto:reply-acf163775b-205ed54eb0-d2b2@u.cts.vresp.com?subject=unsubscribe>
MIME-Version: 1.0
X-Company_ID: 95876
X-CTS-Enabled: acf163775b-205ed54eb0
X-Campaign: acf163775b
Content-Type: multipart/alternative;
    boundary="__________MIMEboundary__________";
    charset="UTF-8"
X-pstn-neptune: 94/13/0.14/62
X-pstn-levels:     (S: 1.80395/99.90000 CV: 2.7429 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:92.9258 C:99.5902 )
X-pstn-settings: 3 (1.0000:1.0000) s CV gt3 gt2 gt1 p m c
X-pstn-addresses: from <Amazon_Web_Services@mail.vresp.com> [75/4]
Return-Path: bounces-acf163775b-205ed54eb0@b.cts.vresp.com
X-OriginalArrivalTime: 01 Apr 2009 00:08:00.0322 (UTC) FILETIME=[EB201220:01C9B25D]
X-TM-AS-Product-Ver: SMEX-7.0.0.1499-5.6.1016-16552.004
X-TM-AS-Result: No--28.586700-4.000000-31

--__________MIMEboundary__________
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

--__________MIMEboundary__________
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable


--__________MIMEboundary__________--
0
 
LVL 14

Accepted Solution

by:
Kaffiend earned 500 total points
ID: 24035700
I think the next step is to check your settings at Postini.

Looks like mail for your domain is going to Postini first, and then they (Postini) are forwarding that mail to the old spam filtering service, which then gets the mail to your server.

BTW, is your firewall and Exchange set up to receive mail from the Postini servers?
0
 

Author Comment

by:waco_muse
ID: 24043827
Well, I finally found the problem. There was an incorrect entry in Postini's "Delivery Mgr" I'm sure it's something I put there... and forgot to change.

Thanks for your help!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
how to add IIS SMTP to handle application/Scanner relays into office 365.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now