Solved

Cannot receive email from a specific domain

Posted on 2011-03-08
18
549 Views
Last Modified: 2012-05-11
I am having difficulty receiving email from a specific domain. We are using forefront for exchange, and exchange 2007. For some reason I think our system is marking their email as spam and boucing it. THey are not receiving NDR's probably because there server doesnt allow and their email is hosted offsite. To test I disabled all the antispam services in exchange, such as content filter, etc. Then they were able to send to us with no problems. I also have them on an allow list in forefront. Is there somewhere else I should be putting there domain name in exchange to whitelist them, or in forefront I am not seeing?
0
Comment
Question by:JessicaWatters
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 4
  • 3
  • +1
18 Comments
 
LVL 6

Expert Comment

by:rnicolaus
ID: 35070473
Exchange Server 2007 can apply whitelists and blocklists on Edge Transport servers and Hub Transport servers that have the Exchange Server 2007 Anti-Spam components installed.

Whitelists are configured in two places.  Whitelisted IP addresses (or the IP Allow List) are handled by the Connection Filter agent but are not configured at the organisation level.  Instead they are configured on the Edge Transport or Hub Transport servers.  Typically the IP address whitelist is configured on any Transport server that accepts email from the internet."

Full article with screenshots: http://www.allspammedup.com/2009/01/managing-whitelists-and-blocklists-for-exchange-server-environments/

Also, check if the domain is blacklisted anywhere:  http://www.mxtoolbox.com/blacklists.aspx

0
 

Author Comment

by:JessicaWatters
ID: 35070949
Ok so I entered in the ip allow list providers list the following: "domain.com" for the organization. We resent a test and still didnt come through. Should I be entering it another way and not their domain.com?
0
 
LVL 6

Expert Comment

by:rnicolaus
ID: 35070999
I believe you have to restart the SMTP service for it to take effect.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:JessicaWatters
ID: 35071107
Does it automatically take into effect after a period of time? I dont watn to restart service during business hours.
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 400 total points
ID: 35071321
If you have entered into Forefront and hit the Save button it will take effect. Forefront will have stopped and restarted the services behind the scenes already.
0
 

Author Comment

by:JessicaWatters
ID: 35071565
Ok....well this is where I entered the domain in forefront: filter lists-->Allowed Senders.
DO I also need to enter it in Filter Lists-->sender domains?

Should I NOT need to enter in exchange IP List Providers then?
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 35071573
sender domains is where I would expect to see it.
0
 

Author Comment

by:JessicaWatters
ID: 35071635
Sender-domains filtering enables you to filter messages from particular senders or domains.  So, it's meant to block particular senders or domains, not exclude.  When you add a domain to this list, you are telling Forefront to block it, not exclude it.  Plus, Sender-domains filtering only works for Realtime and Manual scan jobs.  Realtime is internally sent mail, from one internal user to another internal user.  Sender-domains will not work on Transport scan.

THis is what I found....so prob. not a good idea to enter in Sender Domains!
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 35071653
Hang on a bit. It won't take THAT long to uninstall my FPE and install FSE.
0
 
LVL 9

Expert Comment

by:dexIT
ID: 35072196
Did you try running the recipient's mail server through a PBL check?
0
 

Author Comment

by:JessicaWatters
ID: 35072314
No...what is PBL check? you mean RBL? If so not they are not on a blacklist.
0
 

Author Comment

by:JessicaWatters
ID: 35072378
SOrry I see what PBL is......I have to look into this
0
 

Author Comment

by:JessicaWatters
ID: 35072407
I dont see where I can check there domain on the spamhaus site if this is where you are referring to. Any suggestions?
0
 

Author Comment

by:JessicaWatters
ID: 35072448
We do use zen.spamhaus.org in exchange under our IP Blocklist Providers. SO now I need to figure out if they are on that list. How can I check....not able to clearly see on their site?
0
 
LVL 6

Expert Comment

by:rnicolaus
ID: 35072477
I remember a similar issue where the ISP didn't set Reverse DNS properly.  Do you have reverse DNS setup for your mail server's IP address?  If you don't know, check if it here:  http://www.mxtoolbox.com/

If it's not setup - you usually ask your ISP to set it RDNS
0
 
LVL 6

Expert Comment

by:rnicolaus
ID: 35072486
and from my 1st post:

"Also, check if the domain is blacklisted anywhere:  http://www.mxtoolbox.com/blacklists.aspx"
0
 

Author Comment

by:JessicaWatters
ID: 35150509
I had to add a long list of their IP addresses for their MX servers that their mail goes through in exchange in IP allow list anti spam for the server settings. It eventually let the mail through....I needed a lot of IP's as they were hosting their mail offsite.
0
 

Author Closing Comment

by:JessicaWatters
ID: 35150519
I was able to get to what I needed to figure out by his help.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question