Solved

Mail coming from a mxlogic.net host in our network

Posted on 2010-09-10
11
713 Views
Last Modified: 2013-11-30
We have been getting listed on a blacklist because mail is coming from several EHLO names in our network on the same IP.  We have several mail servers, so this is expected.

We are seeing however two listings from the domain mxlogic.net that we are unsure of.  Doing some research it looks to be related to McAfee products, but we are not using any on our mail systems.

Any ideas what this may be?

Also, any issues with having several mail servers all sending out the same IP with different EHLO names?
0
Comment
Question by:TacoFlavoredKisses
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 5

Expert Comment

by:jhill777
ID: 33647723
Who is your ISP?
0
 
LVL 1

Author Comment

by:TacoFlavoredKisses
ID: 33647746
It is a Time Warner pipe
0
 
LVL 17

Expert Comment

by:fgrushevsky
ID: 33651128
there are servers that check that EHLO names is resolving to the IP where the mail is coming from.  So make sure that you have "A" record for each EHLO name and "A" is pointed to the sending IP
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 1

Author Comment

by:TacoFlavoredKisses
ID: 33683915
Indeed.  

Any other thoughts on the mxlogic.net?
0
 
LVL 5

Expert Comment

by:jhill777
ID: 33684207
I imagine your problem is a bunch of companies are using that anti-spam method of requiring that the reverse PTR records match the name of the mail server sending the mail so using multiple mail servers with different ehlo names is causing the problem.  No shit, right?
I think you need to add an MX record for each mail server to resolve to the correct record on file with your ISP.  For example, if your ISP has your PTR in DNS as xx.xx.x.x Mail.yourdomain.com, that sending IP and FQDN has to match.  Creating an MX record in your DNS for each server, i.e Servername - Mx record - mail.yourdomain.com should fix it, I think.  My head hurts thinking about it and only a couple big companies use this because it's a headache when nobody has their reverse PTR set up correctly, even though they should, and your users all come crying to you that some guy has been sending them important emails but they never get them because your mail server is dropping the connection instantly when the reverse PTR doesn't match and not notifying anybody that the guy is trying to send email.  There are usually no bounceback messages or anything.  My configuration above might need to be tinkered with because I don't know what kind of problems if any, will come up with mulitple MX records pointing to different servers.  If all clients are able to send via any of the SMTP servers then that shouldn't be a problem but I'm not sure about receiving if you have their Outlook profiles configured to pull mail down from mail.yourdomain.com which would be your ExchangeserverA and but DNS is resolving exchangeserverA, B, and C all to mail.yourdomain.com.  
Clear as mud?
0
 
LVL 5

Expert Comment

by:jhill777
ID: 33684703
Or maybe it would have to be A records and MX records, now that I think about it.  So you would have multiple servers all with the same A record of mail.yourdomain.com as well as internal MX records....I think  I'm confusing myself even.  Sooo...your DNS might have to look like this if it will let you?  Basically, when the mail comes out of your domain, all the email has to match your Reverse PTR so you have to get all your servers to look like no matter which one sends it, all the mail is coming mail.yourdomain.com.

Name                                             Type                                        Data
exchangeserverA                        MX                                        exchangeserverA.yourdomain.com
exchangeserverA                          MX                                       mail.yourdomain.com
exchangeserverB                           MX                                       exchangeserverB.yourdomain.com
exchangeserverB                            MX                                     mail.yourdomain.com
exchangeserverC                           MX                                      exchangeserverC.yourdomain.com
exchangeserverC                            MX                                       mail.yourdomain.com
mail                                                  Host (A)                               192.168.x.x (Ip of exchangeserverA )
mail                                                   Host (A)                              192.168.x.x (ip of exchangeserverB)
mail                                                  Host (A)                               192.168.x.x (ip of exchangeserverC)
mail                                                   MX                                         mail.yourdomain.com
0
 
LVL 1

Author Comment

by:TacoFlavoredKisses
ID: 33684745
That would cause mail to try and flow into the wrong places with the MX record that way.

Our MX record goes to a cluster of Barracudas, and is not evewn the same IP as the one mail gets sent from.  Most filters/mail servers just care that your mail comes from an IP that HAS a reverse DNS entry.  Half the ones I see people sending with are not at all the same as their EHLO.

I think the easier solution may be to change the PAT to send as a different IP for each mail server, and set up reverse DNS for each of them.

It is odd because it has not been an issue in 4 years of sending multiple mail server platforms out the same public.  I think as spammers get craftier the people reporting and black listing are getting more strict.
0
 
LVL 5

Accepted Solution

by:
jhill777 earned 500 total points
ID: 33684941
There ya go.  If you have a group of external IPs available, then that would be easy to get reverse PTRs set up for each server and yes, I see a ton of email where there EHLO doesn't match.  I didn't have a problem with it until recently as well.  I think it was Verizon or somebody that I ran into that was forcing the match and they, in turn, had put us on some blacklists.
0
 
LVL 1

Author Comment

by:TacoFlavoredKisses
ID: 33702385
Still wondering what causes the MX logic ones if anyone else has any insight
0
 
LVL 1

Author Closing Comment

by:TacoFlavoredKisses
ID: 33729557
meh
0
 

Expert Comment

by:scmeeven
ID: 33821984
Not sure if I understand your question correctly. Your outgoing emails are blacklisted because you have several EHLO names due to different mail servers that send all mails out through a single IP, correct?

Could the MXLogic thing be related to using MXLogic outbound filtering which would require a smarthost configured on the mailserver that points to the MXLogic outbound filtering service?
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I didn’t use eM Client for long when I decided to swap to Outlook 2016. The reason for the switch is that it started asking for payment to continue some of its services after one month.   The problems I faced when I didn’t pay were:   I was not …
Article by: Rob
Notes 8.5 Archiving Steps and Tips This article covers setting up a Notes archive, and helps understand some of the menu choices making setting up and maintaining a Notes archive file easier.
The purpose of this video is to demonstrate how to set up an account with Mailchimp. This will be demonstrated using a Windows 8 PC. Tools Used are: Mailchimp.com Go to Mailchimp.com : Enter an Email, Username, and Password. Click Create My Acco…
This Micro Tutorial will demonstrate the easy use of Gmail embedding images in your email so the recipient of your email can view them in context.
Suggested Courses

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question