Mr_Max_Power
asked on
Wrong IP in email headers resulting in NDR - How do you make it correct?
Morning,
When sending outgoing mail the header contains the wrong IP address resulting in NDRs.
I have two external IP ranges from different companies, one for Internet and external access for things like Terminal Servers etc, and another range from another company for emails.
However everything appears to be going through the internet IP range despite all NATs and Ports being configured correctly.
Nothing has been changed and it just started to happen all of a sudden.
I need to be able to change the email IP address to what it should be but cannot find the setting to do so?
Thanks in advance
When sending outgoing mail the header contains the wrong IP address resulting in NDRs.
I have two external IP ranges from different companies, one for Internet and external access for things like Terminal Servers etc, and another range from another company for emails.
However everything appears to be going through the internet IP range despite all NATs and Ports being configured correctly.
Nothing has been changed and it just started to happen all of a sudden.
I need to be able to change the email IP address to what it should be but cannot find the setting to do so?
Thanks in advance
Quick Clarification, is the IP in the header one of the two external IP addresses you have?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yes always an external IP.
Its very strange, when email sends out it just picks which IP it wants its never the same for example, i sent email last night to test and it was using internets external address, this morning when send to continue testing (made no changes) its using the email external address!
Its just not consistant.
My MX records etc are held externally but the company are saying there is nothing wrong with any of my DNS.
However i am not to sure but how do you prove something like that.
One point to also mention is that - not all emails create an NDR - quite a few get through and it works fine.
Its very strange, when email sends out it just picks which IP it wants its never the same for example, i sent email last night to test and it was using internets external address, this morning when send to continue testing (made no changes) its using the email external address!
Its just not consistant.
My MX records etc are held externally but the company are saying there is nothing wrong with any of my DNS.
However i am not to sure but how do you prove something like that.
One point to also mention is that - not all emails create an NDR - quite a few get through and it works fine.
ASKER
When i use the website suggested - for my email IP i get what appears to be the correct information back.
However when i put in the internet ip address i get no reverse lookup errors (which should be right as we dont use them for email)
However when i put in the internet ip address i get no reverse lookup errors (which should be right as we dont use them for email)
What is NDR error code you are getting?
ASKER
error get back is
There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
<servername.domain.INTERNA L #5.5.0 smtp;550 No SMTP service for unauthorized users>
There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
<servername.domain.INTERNA
Couple of things:
1. Do you think these NDR's authentic as in some one from your domain sent these and got an NDR or some one tried to relay through your server?
2. Do you get NDR for specific domain? ( senders domain?)
1. Do you think these NDR's authentic as in some one from your domain sent these and got an NDR or some one tried to relay through your server?
2. Do you get NDR for specific domain? ( senders domain?)
ASKER
not sure what you mean for question one?
we get NDRs for a whoile host of domains, about 20 a day - most recent this morning was Argos of all things.
On exchange in system manager for the first SMTP connector we use the option Use DNS to route to each address space. However this is the connector causing the issue.
I therefore created a troublesome domains connector which I add all bounce back domains to and then thsi connector relays through my email line providers servers and the messages get delivered.
However we have had bounces from this relay as well .
we get NDRs for a whoile host of domains, about 20 a day - most recent this morning was Argos of all things.
On exchange in system manager for the first SMTP connector we use the option Use DNS to route to each address space. However this is the connector causing the issue.
I therefore created a troublesome domains connector which I add all bounce back domains to and then thsi connector relays through my email line providers servers and the messages get delivered.
However we have had bounces from this relay as well .
is servername.domain.internal YOUR Exchange server?
if so, then your users need to be authorised...
Are these rejected for users sending while outside of the office or while they are inside?
if so, then your users need to be authorised...
Are these rejected for users sending while outside of the office or while they are inside?
ASKER
yes that first line is my exchange server.
both, it doesnt matter if you are in the office, or out of the office and accessing email via OWA.
both, it doesnt matter if you are in the office, or out of the office and accessing email via OWA.
Oops! my bad, what I meant by authentic is that are these NDRs you get in response to the mail you sent to some one outside your domain?
If a server is open for relay, unauthorized user can use this relay through the server and you can get NDR
You may want to check for open relay try these website
http://www.mailradar.com/openrelay/
http://www.abuse.net/relay.html
Also test for Black list on http://www.mxtoolbox.com/blacklists.aspx
If a server is open for relay, unauthorized user can use this relay through the server and you can get NDR
You may want to check for open relay try these website
http://www.mailradar.com/openrelay/
http://www.abuse.net/relay.html
Also test for Black list on http://www.mxtoolbox.com/blacklists.aspx
ASKER
I get NDRs regardless of whether I send them through the relay server (2nd SMTP connector) or the First SMTP connector (uses DNS)
If the domain is listed in the relay configured connctor - that connector uses a username and password within the settings as provided by our vendor.
If the domain is listed in the relay configured connctor - that connector uses a username and password within the settings as provided by our vendor.
Okay Did you check if your server is open for relay?
ASKER
When i used the website above, and entered IP address it says ive passed all tests. So assume that side of things is ok?
I am going to remove the DNS SMTP connector and try to use just relay for my first connector, see if that makes a difference.
I am going to remove the DNS SMTP connector and try to use just relay for my first connector, see if that makes a difference.
what is the trusted range of IP addressed for your virtual SMTP server?
Is it the same as your LAN or are you authenticating users?
Is it the same as your LAN or are you authenticating users?
I dont think its going to make any difference because from my understanding of your problem, your server is being used for relay. So you may need to fix that.
I am pretty sure that the server you are relaying to is thinking you come from the wrong address. it is your DNS based mail that was sucessfully leaving.
ask your relay provider to authorise both of your IP's
ask your relay provider to authorise both of your IP's
ASKER
Sorted the problem - ISP finally admitted that DNS was wrong and also that the authentication username and password they prodivded for the relay was also wrong hence why got so many bounces on each SMTP connector!
Thanks for help
Thanks for help
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
Regards,
Vikas