Solved

exchange 2010 IP problem

Posted on 2012-03-30
5
52 Views
Last Modified: 2016-01-07
presently we have two exchange servers 03 and 2010 still having a problem with send connector from the 2010 box. Looks like the default behavior is for the 03 box to send through the 2010 server.
Did start a question on this and did get pointed correctly at the limitations of connectors between the the two servers.The problem remains however,that the sent email has the wrong ip and is being blocked by spam filters.
Existing factors
1) both servers can communicate with no problems
2) outside emails are received by both servers
3) when i create a generic DNS based send connector all send emails from both servers end up in the 2010 queue.
4) sent emails are stamped with the new exchange server and the ip of our firewall
5) I have created a NAT pol in our Sonicwall from the new server to a public IP. Whatismyip at the server returns the correct ip.
6) an A record with published for the new server through our DNS service provider. servername resolves correctly.  Reverse lookup does not.

Why is my outgoing email getting the ip of the firewall and not the ip of the mail server?
Should I publish another MX record for the new mail server while we move mailboxes and retire the old?

Thanks
0
Comment
Question by:fred_lambert
  • 2
5 Comments
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 37791531
Ok, the outgoing email is being stamped with the IP address of the firewall because it is sending from the firewall's default IP address.  You have an inbound NAT configured to one IP address, but you are only using the default IP address for outbound.  Also, you need your MX IP address to match your Reverse DNS entry for your mail server.

If you have a range of IP addresses, let's say 213.100.215.1 - 213.100.215.5 just for this example, your firewall would have 213.100.215.6 as its primary IP address.  You have published inbound SMTP on 213.100.215.1 and created an MX record to point to this IP address and you have configured your Reverse DNS entry correctly.

What would happen here is mail would come in to your Exchange server from external clients on 213.100.215.1.  This would not be a problem.  However, when you send mail, your firewall is sending mail with a translated source address of 213.100.215.6.  This would not match your Reverse DNS entry (which will be configured for 213.100.215.1) so external mail servers will reject the mail.

In short you need to create an outbound NAT rule to translate SMTP traffic to 213.100.215.1 instead of 213.100.215.6
0
 

Author Comment

by:fred_lambert
ID: 37791656
Thx.... I did try natting the new exchange server to the old exchange server public IP in the Sonicwall...(used the actual outgoing nat config of the old mail server)... again got the correct public ip   when using WHATISMYIP. outgoing mail still got stamped with the IP of the Sonicwall..  I'm baffled
0
 

Author Comment

by:fred_lambert
ID: 37797501
Found solution in modifying the services associated with the outgoing address object in my Sonicwall. All is well
Thx
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question