Wrong IP in email headers resulting in NDR - How do you make it correct?

Morning,

When sending outgoing mail the header contains the wrong IP address resulting in NDRs.

I have two external IP ranges from different companies, one for Internet and external access for things like Terminal Servers etc, and another range from another company for emails.
However everything appears to be going through the internet IP range despite all NATs and Ports being configured correctly.

Nothing has been changed and it just started to happen all of a sudden.

I need to be able to change the email IP address to what it should be but cannot find the setting to do so?

Thanks in advance
Mr_Max_PowerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Vikas ShahCurrently Seeking OpportunitiesCommented:
This entry comes from the SMTP Virtual Server DNS Properties. If You Change the name in there, it will be changed on the Header too. As for the IP Address, make sure that the DNS Name used doesn't not have this Address assigned where the message looks for the MX records.

Regards,

Vikas
0
sbk100Commented:
Quick Clarification, is the IP in the header   one of the two external IP addresses you have?
0
Coast-ITCommented:
Are you talking about your Reverse DNS lookup?

Do a reverse DNS lookup on the IP address that you are sending mail out from at http://remote.12dt.com/

Then alter settings on Exchange

Good link here ;
http://ezinearticles.com/?Configure-Exchange-E-Mail-Server-Reverse-DNS-and-MX-Records-Correctly&id=3844191



0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Mr_Max_PowerAuthor Commented:
Yes always an external IP.

Its very strange, when email sends out it just picks which IP it wants its never the same for example, i sent email last night to test and it was using internets external address, this morning when send to continue testing (made no changes) its using the email external address!

Its just not consistant.

My MX records etc are held externally but the company are saying there is nothing wrong with any of my DNS.
However i am not to sure but how do you prove something like that.

One point to also mention is that - not all emails create an NDR - quite a few get through and it works fine.

0
Mr_Max_PowerAuthor Commented:
When i use the website suggested - for my email IP i get what appears to be the correct information back.

However when i put in the internet ip address i get no reverse lookup errors (which should be right as we dont use them for email)

0
sbk100Commented:
What is NDR error code you are getting?
0
Mr_Max_PowerAuthor Commented:
error get back is

There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            <servername.domain.INTERNAL #5.5.0 smtp;550 No SMTP service for unauthorized users>


0
sbk100Commented:
Couple of things:
1. Do you think these NDR's authentic as in some one from your domain sent these and got an NDR or some one tried to relay through your server?
2. Do you get NDR for specific domain? ( senders domain?)
0
Mr_Max_PowerAuthor Commented:
not sure what you mean for question one?

we get NDRs for a whoile host of domains, about 20 a day - most recent this morning was Argos of all things.

On exchange in system manager  for the first SMTP connector we use the option Use DNS to route to each address space. However this is the connector causing the issue.

I therefore created a troublesome domains connector which I add all bounce back domains to and then thsi connector relays through my email line providers servers and the messages get delivered.
However we have had bounces from this relay as well .
0
Barry GillChief of StaffCommented:
is servername.domain.internal YOUR Exchange server?

if so, then your users need to be authorised...

Are these rejected for users sending while outside of the office or while they are inside?
0
Mr_Max_PowerAuthor Commented:
yes that first line is my exchange server.

both, it doesnt matter if you are in the office, or out of the office and accessing email via OWA.
0
sbk100Commented:
Oops! my bad, what I meant   by authentic is that  are these NDRs you get in response to the mail you sent to some one outside your domain?
 If a server is open for relay, unauthorized user can use this relay through the server and you can get NDR

You may want to check for open relay try these website
http://www.mailradar.com/openrelay/
http://www.abuse.net/relay.html

Also test for Black list on http://www.mxtoolbox.com/blacklists.aspx
0
Mr_Max_PowerAuthor Commented:
I get NDRs regardless of whether I send them through the relay server (2nd SMTP connector) or the First SMTP connector (uses DNS)

If the domain is listed in the relay configured connctor - that connector uses a username and password within the settings as provided by our vendor.
0
sbk100Commented:
Okay Did you check if your server is open for relay?
0
Mr_Max_PowerAuthor Commented:
When i used the website above, and entered IP address it says ive passed all tests. So assume that side of things is ok?

I am going to remove the DNS SMTP connector and try to use just relay for my first connector, see if that makes a difference.

0
Barry GillChief of StaffCommented:
what is the trusted range of IP addressed for your virtual SMTP server?
Is it the same as your LAN or are you authenticating users?
0
sbk100Commented:
I dont think its going to make any difference because from my understanding of your problem, your server is being used for relay. So you may need to fix that.
0
Barry GillChief of StaffCommented:
I am pretty sure that the server you are relaying to is thinking you come from the wrong address. it is your DNS based mail that was sucessfully leaving.

ask your relay provider to authorise both of your IP's
0
Mr_Max_PowerAuthor Commented:
Sorted the problem - ISP finally admitted that DNS was wrong and also that the authentication username and password they prodivded for the relay was also wrong hence why got so many bounces on each SMTP connector!

Thanks for help
0
Glen KnightCommented:
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.