Link to home
Create AccountLog in
Avatar of davorin
davorinFlag for Slovenia

asked on

IP blocklist providers filtering on exchange 2007 (sbs2008) not working


I'm having a problem resolving a mystery on sbs 2008 server with Exchange 2007 SP3 Rollup1.
Few weeks ago IP blocklist providers filtering stopped to work. I'm using and providers. Even if both providers and connection filtering agent is enabled, there is no sign that ip block list providers are filtering mails. Normally there are smtp receive logs full of messages like "your mail was rejected because you are blaclisted on...", but now for weeks I don't see any of them.
Possibly the problem is related to (problematic) removing NIC teaming on server (ML350 G6), which ended with manually removing teaming NICs from network connections and disabling second NIC in BIOS.
There is occasionally listed error MSExchange Common Event ID 205 in event viewer, saying "no DNS servers could be retrieved from network adapter "03e1....". Guid listed is not the guid of the NIC listed in network connections. Get-networkconnectioninfo returns correct configuration. SBS and Exchange BPA shows no errors.
I would be really happy to get help on this issue.
Thank you.

Avatar of abhijitmdp
Flag of India image

Try to ping the GUID that is in the event log and see where it is pointing. Create proper DNS records on your DNS and check.
Avatar of davorin


Thanks for your comment.
I have tried to ping that guid, but I get: ping request can not find host 03e1...
The same thing if I try to ping guid of (one) visible NIC in device manager.
In registry I have listed two network cards, but none of them has that guid. Probably this guid is from teamed NIC.
Can you please explain what you mean with proper DNS records?
I wanted to say you to check the DNS registration option at NIC. whather it was registered to your DNS or not.
Avatar of davorin


NIC has enabled option "register this connection's addresses in DNS".
On DNS servers the IP address of enabled NIC has correct A record.
dcdiag /test:dns gives me only some errors about root hints.
Internal and external name resolution works correctly.
All other exchange functionality is OK except antispam.
Error MSExchange Common Event ID 205 is listed exactly every 6 hours.
guid of "nonexistent and not configured" NIC is listed in registry under \\HKLM\software\microsoft\windows nt\current version\network list\nla\cache\intrenet right next to guid of correct NIC.
The only other errors in event log are Msexchange antispam 101, 600 and 700 saying DNS is not configured, sender ID, ip block list providers and sender reputation will be skipped  
To resolve event 101 and 600 follow below steps:
Review the Application log for related events. For example, events that occur immediately before and after this event may provide more information about the root cause of this error.
Make sure that the DNS configuration is accurate by using the ipconfig utility.
Refresh the DNS cache on the server.
Enter Ipconfig /flushdns and ipconfig /registerdns at a command prompt.
Enter ipconfig /all at a command prompt.
Make sure that the server that runs Microsoft Exchange Server can ping the DNS server
Avatar of davorin


Sorry for long delay.
I have tried all suggestions, but the problem remains.
I have also reinstalled antispam agents - nothing changed.

It seems that exchange can not forget old network adapter (HP teaming NIC) and it is insisting that DNS settings on that old NIC are not correct. There is no way that I can recreate the same NIC (teaming) with the same guid and I also can not change the configuration of the adapter which does not exsist.
Is there a way to tell transport agent that this old NIC does not exsist anymore?
Everything else on the Exchange server is working correctly.

Avatar of davorin
Flag of Slovenia image

Link to home
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of davorin


36 hours later everything is working OK, so I'm closing the question by accepting my comment, which solved the problem.
Thank you again.
Restarting the DNS Server service worked for me instantly, nothing else did.