Solved

Wrong IP in email headers resulting in NDR - How do you make it correct?

Posted on 2010-08-13
21
1,518 Views
Last Modified: 2012-05-10
Morning,

When sending outgoing mail the header contains the wrong IP address resulting in NDRs.

I have two external IP ranges from different companies, one for Internet and external access for things like Terminal Servers etc, and another range from another company for emails.
However everything appears to be going through the internet IP range despite all NATs and Ports being configured correctly.

Nothing has been changed and it just started to happen all of a sudden.

I need to be able to change the email IP address to what it should be but cannot find the setting to do so?

Thanks in advance
0
Comment
Question by:Mr_Max_Power
  • 8
  • 6
  • 3
  • +3
21 Comments
 
LVL 6

Expert Comment

by:Vikas Shah
ID: 33427386
This entry comes from the SMTP Virtual Server DNS Properties. If You Change the name in there, it will be changed on the Header too. As for the IP Address, make sure that the DNS Name used doesn't not have this Address assigned where the message looks for the MX records.

Regards,

Vikas
0
 
LVL 3

Expert Comment

by:sbk100
ID: 33427399
Quick Clarification, is the IP in the header   one of the two external IP addresses you have?
0
 
LVL 11

Accepted Solution

by:
Coast-IT earned 500 total points
ID: 33427403
Are you talking about your Reverse DNS lookup?

Do a reverse DNS lookup on the IP address that you are sending mail out from at http://remote.12dt.com/

Then alter settings on Exchange

Good link here ;
http://ezinearticles.com/?Configure-Exchange-E-Mail-Server-Reverse-DNS-and-MX-Records-Correctly&id=3844191



0
 

Author Comment

by:Mr_Max_Power
ID: 33427433
Yes always an external IP.

Its very strange, when email sends out it just picks which IP it wants its never the same for example, i sent email last night to test and it was using internets external address, this morning when send to continue testing (made no changes) its using the email external address!

Its just not consistant.

My MX records etc are held externally but the company are saying there is nothing wrong with any of my DNS.
However i am not to sure but how do you prove something like that.

One point to also mention is that - not all emails create an NDR - quite a few get through and it works fine.

0
 

Author Comment

by:Mr_Max_Power
ID: 33427455
When i use the website suggested - for my email IP i get what appears to be the correct information back.

However when i put in the internet ip address i get no reverse lookup errors (which should be right as we dont use them for email)

0
 
LVL 3

Expert Comment

by:sbk100
ID: 33427474
What is NDR error code you are getting?
0
 

Author Comment

by:Mr_Max_Power
ID: 33427480
error get back is

There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            <servername.domain.INTERNAL #5.5.0 smtp;550 No SMTP service for unauthorized users>


0
 
LVL 3

Expert Comment

by:sbk100
ID: 33427532
Couple of things:
1. Do you think these NDR's authentic as in some one from your domain sent these and got an NDR or some one tried to relay through your server?
2. Do you get NDR for specific domain? ( senders domain?)
0
 

Author Comment

by:Mr_Max_Power
ID: 33427545
not sure what you mean for question one?

we get NDRs for a whoile host of domains, about 20 a day - most recent this morning was Argos of all things.

On exchange in system manager  for the first SMTP connector we use the option Use DNS to route to each address space. However this is the connector causing the issue.

I therefore created a troublesome domains connector which I add all bounce back domains to and then thsi connector relays through my email line providers servers and the messages get delivered.
However we have had bounces from this relay as well .
0
 
LVL 9

Expert Comment

by:Barry Gill
ID: 33427564
is servername.domain.internal YOUR Exchange server?

if so, then your users need to be authorised...

Are these rejected for users sending while outside of the office or while they are inside?
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 

Author Comment

by:Mr_Max_Power
ID: 33427590
yes that first line is my exchange server.

both, it doesnt matter if you are in the office, or out of the office and accessing email via OWA.
0
 
LVL 3

Expert Comment

by:sbk100
ID: 33427608
Oops! my bad, what I meant   by authentic is that  are these NDRs you get in response to the mail you sent to some one outside your domain?
 If a server is open for relay, unauthorized user can use this relay through the server and you can get NDR

You may want to check for open relay try these website
http://www.mailradar.com/openrelay/
http://www.abuse.net/relay.html

Also test for Black list on http://www.mxtoolbox.com/blacklists.aspx
0
 

Author Comment

by:Mr_Max_Power
ID: 33427631
I get NDRs regardless of whether I send them through the relay server (2nd SMTP connector) or the First SMTP connector (uses DNS)

If the domain is listed in the relay configured connctor - that connector uses a username and password within the settings as provided by our vendor.
0
 
LVL 3

Expert Comment

by:sbk100
ID: 33427637
Okay Did you check if your server is open for relay?
0
 

Author Comment

by:Mr_Max_Power
ID: 33427730
When i used the website above, and entered IP address it says ive passed all tests. So assume that side of things is ok?

I am going to remove the DNS SMTP connector and try to use just relay for my first connector, see if that makes a difference.

0
 
LVL 9

Expert Comment

by:Barry Gill
ID: 33427742
what is the trusted range of IP addressed for your virtual SMTP server?
Is it the same as your LAN or are you authenticating users?
0
 
LVL 3

Expert Comment

by:sbk100
ID: 33427769
I dont think its going to make any difference because from my understanding of your problem, your server is being used for relay. So you may need to fix that.
0
 
LVL 9

Expert Comment

by:Barry Gill
ID: 33427864
I am pretty sure that the server you are relaying to is thinking you come from the wrong address. it is your DNS based mail that was sucessfully leaving.

ask your relay provider to authorise both of your IP's
0
 

Author Comment

by:Mr_Max_Power
ID: 33452472
Sorted the problem - ISP finally admitted that DNS was wrong and also that the authentication username and password they prodivded for the relay was also wrong hence why got so many bounces on each SMTP connector!

Thanks for help
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34679805
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Do email signature updates give you a headache?

Do you feel like all of your time is spent managing email signatures? Too busy to visit every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
how to add IIS SMTP to handle application/Scanner relays into office 365.
This video discusses moving either the default database or any database to a new volume.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now