Solved

email domain name showing as the wrong address

Posted on 2011-03-07
9
829 Views
Last Modified: 2012-05-11
Hi all,

I have a fairly annoying problem.

Setup:

Exchange 2003 server - Country A
Domain 1  - example.net
Domain 2 - example.net.au
Domain 3 - different.com

Users - Country A - Domain 1,2   -  No problems
Users - Country B - Domain 3   - Problems

The problem is as follow:

2 of 3 users in Country B, using RPC/HTTP Outlook Anywhere are receiving bounced email from clients / external people. They are sending out as user@different.com but when an external person is sending to them they are getting bounceback email from user@example.net.

Users in Country B are have multiple SMTP address on their AD account, with different.com as the primary. 'Update based on recipient policies' is unticked.

If you need any further information, or this is written so terribly that you can't understand it, please let me know.

I have access to the Exchange server, DNS domain setup etc.

Sample of an error:

-----Original Message-----
From: Mail Delivery System
[mailto:Mailer-Daemon@lon1-post-2.mail.demon.net]
Sent: 15 February 2011 17:27
To: External User

Subject: Mail delivery failed: returning message to sender

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:

 internal.user@www.example.net
    (generated from internal.user@different.com)
    SMTP error from remote mail server after RCPT
TO:<internal.user@www.example.net>:
    host mx1.xxx.com.au [xxx.xxx.xxx.xx]: 550 #5.1.0 Address rejected.

------ This is a copy of the message, including all the headers. ------

Return-path: <allan.mcewan@spacesolutions.info>
Received: from [194.70.27.66] (helo=mail.spacesolutions.info)
      by lon1-post-2.mail.demon.net with esmtp (Exim 4.69)
      id 1PpOgN-00072o-cc; Tue, 15 Feb 2011 17:27:24 +0000
Received: from spacesolutions.info [10.10.10.235] by mail.spacesolutions.info - Websense Email Security (7.2.0); Tue, 15 Feb
2011 17:13:01 +0000
Received: from 10.10.10.235 ([10.10.10.235]) by chessabz02.chess.group
([10.10.10.235]) with Microsoft Exchange Server HTTP-DAV ;  Tue, 15 Feb 2011 17:23:28 +0000
Subject: Proposal
From: "External User" <external.user@spacesolutions.info>
Content-Type: text/plain;
      charset="us-ascii"
Message-ID: <9560F65B-B183-4CA3-B10B-F93333C6A3A3@spacesolutions.info>
Date: Tue, 15 Feb 2011 17:26:09 +0000
To: <internal.user@www.example.net>,
      <internal.user@example.net>
Thread-Topic: Proposal
Thread-Index: AcvNNQ9zpWKj+sGfQquqQ4oet5/26w==
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0 (iPhone Mail 8A293)
X-SEF-7853D99-ADF1-478E-8894-213D316B8FFA: 1
X-SEF-Processed: 7_2_0_00499__2011_02_15_17_13_02
0
Comment
Question by:samfpt
  • 4
  • 3
  • 2
9 Comments
 
LVL 49

Expert Comment

by:Akhater
ID: 35065788
your key is here

 host mx1.xxx.com.au [xxx.xxx.xxx.xx]: 550 #5.1.0 Address rejected


my best guess is that mx1.xxx.com.au is some external spam filter and it is not configured correctly for user@different.com, in all cases this is the guy rejecting the messages.

is this mx1.xxx.com.au your exchange server?
0
 

Author Comment

by:samfpt
ID: 35065890
the mx.1 address is our Spam/Filtering provider

So you think that is the place where it is being rejected?
0
 
LVL 49

Expert Comment

by:Akhater
ID: 35065973
I don't think it is written :)

TO:<internal.user@www.example.net>:
    host mx1.xxx.com.au [xxx.xxx.xxx.xx]: 550 #5.1.0 Address rejected.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:samfpt
ID: 35065984
Sorry I don't know what you mean there?
0
 
LVL 49

Expert Comment

by:Akhater
ID: 35065991
I mean that this line >>  host mx1.xxx.com.au [xxx.xxx.xxx.xx]: 550 #5.1.0 Address rejected. <<<<

means that mx1.xxx.com.au [xxx.xxx.xxx.xx] replied Address Rejected so the problem can only be from the anti spam
0
 

Author Comment

by:samfpt
ID: 35066000
Ah ok. Thanks for that, I have previously spoken with them and they seemed to think it was all fine at their end. I will give them another call and get to the bottom of it!

BRB
0
 
LVL 27

Accepted Solution

by:
Steve earned 500 total points
ID: 35072092
I agree that the junkmail filter is worth checking into.

Also, this may cause you some problems:
 internal.user@www.example.net

Usually, the www prefix is only used for websites. email addresses normally just have example.net (not www.example.net)

I suspect the address is being rejected as it is invalid.
0
 

Author Comment

by:samfpt
ID: 35075529
@totallytonto

That's what I thought initially, but I've confirmed the user is entering the address correctly and not with a WWW prefix

Should hear back from the Spam provider today and will report back

Thanks all
0
 
LVL 27

Assisted Solution

by:Steve
Steve earned 500 total points
ID: 35100051
check the tracking logs in the server. if the user isn't entering the address as www.example.net you need to work out why the www is being added. this is almost certainly the issue.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
Read this checklist to learn more about the 15 things you should never include in an email signature.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question