[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Exchange 2010 - transport rule - change from address -

Posted on 2012-08-10
16
Medium Priority
?
3,880 Views
Last Modified: 2016-02-17
I need the ability to decrypt a Mail From: with transport rules (or by any other means necessary)


Our Company uses salesforce, which sends mail on behalf of our domain.

This has becoming an issue with spam filters (righty so); alternatively salesforce offers an email relaying option. Which I jumped on, and started relaying messages through my exchange server.

The problem that persists, in that looking at the from address, I still have salesforce info injected.

<,MAIL FROM:<sina=mydomain.com__2r55pvj5o3di54mg.nad6f5axnjv4u4g4@avu12ywlkua5esor.8ur5n.7-iu3deaw.7.bnc.salesforce.com>

Open in new window



Obviously I need it to look like this:

<,MAIL FROM:<sina@mydomain.com>

Open in new window



Here is a complete transaction, (names and addresses have been changed)

2012-08-10T22:09:44.596Z,mail\All Addresses - port 25,08CF4535B1A83E40,1,10.10.10.10:25,192.168.0.1:39397,*,SMTPSubmit SMTPAcceptAnySender SMTPAcceptAuthoritativeDomainSender AcceptRoutingHeaders,Set Session Permissions
2012-08-10T22:09:44.596Z,mail\All Addresses - port 25,08CF4535B1A83E40,2,10.10.10.10:25,192.168.0.1:39397,>,"220 mail.mydomain.com Microsoft ESMTP MAIL Service ready at Fri, 10 Aug 2012 18:09:44 -0400",
2012-08-10T22:09:44.690Z,mail\All Addresses - port 25,08CF4535B1A83E40,3,10.10.10.10:25,192.168.0.1:39397,<,EHLO smtp02-sjl.mta.salesforce.com,
2012-08-10T22:09:44.690Z,mail\All Addresses - port 25,08CF4535B1A83E40,4,10.10.10.10:25,192.168.0.1:39397,>,250-mail.mydomain.com Hello [192.168.0.1],
2012-08-10T22:09:44.690Z,mail\All Addresses - port 25,08CF4535B1A83E40,5,10.10.10.10:25,192.168.0.1:39397,>,250-SIZE,
2012-08-10T22:09:44.690Z,mail\All Addresses - port 25,08CF4535B1A83E40,6,10.10.10.10:25,192.168.0.1:39397,>,250-PIPELINING,
2012-08-10T22:09:44.690Z,mail\All Addresses - port 25,08CF4535B1A83E40,7,10.10.10.10:25,192.168.0.1:39397,>,250-DSN,
2012-08-10T22:09:44.690Z,mail\All Addresses - port 25,08CF4535B1A83E40,8,10.10.10.10:25,192.168.0.1:39397,>,250-ENHANCEDSTATUSCODES,
2012-08-10T22:09:44.690Z,mail\All Addresses - port 25,08CF4535B1A83E40,9,10.10.10.10:25,192.168.0.1:39397,>,250-AUTH,
2012-08-10T22:09:44.690Z,mail\All Addresses - port 25,08CF4535B1A83E40,10,10.10.10.10:25,192.168.0.1:39397,>,250-8BITMIME,
2012-08-10T22:09:44.690Z,mail\All Addresses - port 25,08CF4535B1A83E40,11,10.10.10.10:25,192.168.0.1:39397,>,250-BINARYMIME,
2012-08-10T22:09:44.690Z,mail\All Addresses - port 25,08CF4535B1A83E40,12,10.10.10.10:25,192.168.0.1:39397,>,250 CHUNKING,
2012-08-10T22:09:44.783Z,mail\All Addresses - port 25,08CF4535B1A83E40,13,10.10.10.10:25,192.168.0.1:39397,<,MAIL FROM:<sina=mydomain.com__2r55pvj5o3di54mg.nad6f5axnjv4u4g4@avu12ywlkua5esor.8ur5n.7-iu3deaw.7.bnc.salesforce.com>,
2012-08-10T22:09:44.783Z,mail\All Addresses - port 25,08CF4535B1A83E40,14,10.10.10.10:25,192.168.0.1:39397,*,08CF4535B1A83E40;2012-08-10T22:09:44.596Z;1,receiving message
2012-08-10T22:09:44.783Z,mail\All Addresses - port 25,08CF4535B1A83E40,15,10.10.10.10:25,192.168.0.1:39397,>,250 2.1.0 Sender OK,
2012-08-10T22:09:44.877Z,mail\All Addresses - port 25,08CF4535B1A83E40,16,10.10.10.10:25,192.168.0.1:39397,<,RCPT TO:<johnny@yourdomain.com>,
2012-08-10T22:09:44.877Z,mail\All Addresses - port 25,08CF4535B1A83E40,17,10.10.10.10:25,192.168.0.1:39397,>,250 2.1.5 Recipient OK,
2012-08-10T22:09:44.955Z,mail\All Addresses - port 25,08CF4535B1A83E40,18,10.10.10.10:25,192.168.0.1:39397,<,DATA,
2012-08-10T22:09:44.971Z,mail\All Addresses - port 25,08CF4535B1A83E40,19,10.10.10.10:25,192.168.0.1:39397,>,354 Start mail input; end with <CRLF>.<CRLF>,
2012-08-10T22:10:06.904Z,mail\All Addresses - port 25,08CF4535B1A83E40,20,10.10.10.10:25,192.168.0.1:39397,*,Tarpit for '0.00:00:21.746' due to 'DelayedAck',Delivered
2012-08-10T22:10:06.904Z,mail\All Addresses - port 25,08CF4535B1A83E40,21,10.10.10.10:25,192.168.0.1:39397,>,250 2.6.0 <gPfg_000000000000000000000000000000000000000000000M8K88800CXPeXmc2TGWeextopqHcmQ@sfdc.net> [InternalId=52] Queued mail for delivery,
2012-08-10T22:10:12.005Z,mail\All Addresses - port 25,08CF4535B1A83E40,22,10.10.10.10:25,192.168.0.1:39397,<,QUIT,
2012-08-10T22:10:12.005Z,mail\All Addresses - port 25,08CF4535B1A83E40,23,10.10.10.10:25,192.168.0.1:39397,>,221 2.0.0 Service closing transmission channel,
2012-08-10T22:10:12.005Z,mail\All Addresses - port 25,08CF4535B1A83E40,24,10.10.10.10:25,192.168.0.1:39397,-,,Local 

Open in new window


Any guidance will be most appreciated!
0
Comment
Question by:802brandon
  • 8
  • 7
16 Comments
 
LVL 33

Expert Comment

by:Exchange_Geek
ID: 38282699
Where is this email coming from - server external to your environment / some third-party website / mailbox user in your environment?

Precisely, what are you going to gain / want to gain using a transport rule?

Regards,
Exchange_Geek
0
 
LVL 2

Expert Comment

by:NimeshPanchal
ID: 38283165
i think so still mail redirection is there, means salesforce sending mail on behalf of your domain, in this case you have to check with your salesforce vendor,

Need some more details on this, like how your outgoing mail route & is there any gateway filter use for outgoing
0
 
LVL 33

Expert Comment

by:Exchange_Geek
ID: 38283169
@Nimesh:

Let us focus on getting the following id corrected, - this isn't correct. Normally, such id are seen cause of being generated by third-party server. You'd agree that Exchange categorizer won't allow such an email - cause it would convert the email to an appropriate email address that was stamped by Exchange AddressList Policy. So this is something that needs to be targeted first - then we can understand other stuff as mail-flow and re-direction etc etc.

<,MAIL FROM:<sina=mydomain.com__2r55pvj5o3di54mg.nad6f5axnjv4u4g4@avu12ywlkua5esor.8ur5n.7-iu3deaw.7.bnc.salesforce.com>

Regards,
Exchange_Geek
0
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

 

Author Comment

by:802brandon
ID: 38287722
Unfortunately I have very limited options to change how SFDC sends emails; though I will also be following up with their support team to see if a satisfactory resolution can be made.

Whether or not mail is relayed through my SMTP, it still shows the full relay from: address.

What I need to know, to conclusively follow all avenues of resolution, is whether or not I can create an automated method to fix/change the Mail From: address from my end.

I don’t know if this is possible via transport rules or some other method.
0
 
LVL 33

Expert Comment

by:Exchange_Geek
ID: 38287772
The only method natively known to Exchange is called Address Re-write, mind you a lot of effort and understanding is required for this where you could change the "Mail From" for a particular user.

http://technet.microsoft.com/en-us/library/aa996806.aspx

Regards,
Exchange_Geek
0
 

Author Comment

by:802brandon
ID: 38288105
Thats great, any possibility that someone with experience with this can show me an example, how to get:

sina=mydomain.com__2r55pvj5o3di54mg.nad6f5axnjv4u4g4@avu12ywlkua5esor.8ur5n.7-iu3deaw.7.bnc.salesforce.com

Open in new window

TO

sina@mydomain.com

Open in new window

0
 
LVL 33

Expert Comment

by:Exchange_Geek
ID: 38288165
Let me dig up my notes and see if i have documented this sort of procedure before OR wait for someone who'd know this and would jump in to save you.

However, I'd still be happy to see your vendor change that email id and would make our lives easier.

Regards,
Exchange_Geek
0
 

Author Comment

by:802brandon
ID: 38288254
Much appreciated!!

I agree, changing the process on my end isn't a very elegant solution.
I am still waiting to hear from the vendor, as far as im concerned, now that I am relaying through my own SMTP, there is no reason why they cant remove the extras.
0
 
LVL 33

Accepted Solution

by:
Exchange_Geek earned 2000 total points
ID: 38288816
Here are the steps that you'll need to talk, firs enable Re-writing agents.

Enable-TransportAgent -Identity "Address Rewriting Inbound agent"
Enable-TransportAgent -Identity "Address Rewriting Outbound agent"

Next, change the identity of sending email address

New-AddressRewriteEntry -name "joe@contoso.com to support@northwindtraders.com" -InternalAddress joe@contoso.com -ExternalAddress support@northwindtraders.com

So, your email address to change from

sina=mydomain.com__2r55pvj5o3di54mg.nad6f5axnjv4u4g4@avu12ywlkua5esor.8ur5n.7-iu3deaw.7.bnc.salesforce.com

TO

sina@mydomain.com

New-AddressRewriteEntry -name "sina=mydomain.com__2r55pvj5o3di54mg.nad6f5axnjv4u4g4@avu12ywlkua5esor.8ur5n.7-iu3deaw.7.bnc.salesforce.com to sina@mydomain.com" -InternalAddress sina=mydomain.com__2r55pvj5o3di54mg.nad6f5axnjv4u4g4@avu12ywlkua5esor.8ur5n.7-iu3deaw.7.bnc.salesforce.com -ExternalAddress sina@mydomain.com

Restart your Transport service and give it a shot.

Regards,
Exchange_Geek
0
 

Author Comment

by:802brandon
ID: 38289316
is there any expression that we can use to parse the entire From address and negate everything after sina=mydomain.com; then transform it into sina@mydomain.com.

The reason being for all intent and purpose the string is random, doesn't stay the same.

Sounds like a reasonable policy, though honestly I wouldn't know how to do it.
0
 
LVL 33

Expert Comment

by:Exchange_Geek
ID: 38289332
I'm afraid not.

Regards,
Exchange_Geek
0
 

Author Comment

by:802brandon
ID: 38289344
Its not as simple as throwing in a *wildcard, if its even a legal character.?
0
 
LVL 33

Expert Comment

by:Exchange_Geek
ID: 38289363
Wildcard would work, but wouldn't that cause an issue to all the outgoing emails - cause we aren't restricting this to user A or B.

Regards,
Exchange_Geek
0
 

Author Comment

by:802brandon
ID: 38291879
If this case if it were possible to run someting like sina=mydomain.com* to sina@mydomain.com

Anymail that has been relayed has the <= >sign in common. (james=mydomain.com*; robert=mydomain.com)

New-AddressRewriteEntry -name "sina=mydomain.com* to sina@mydomain.com"
-InternalAddress sina=mydomain.com* -ExternalAddress sina@mydomain.com

Open in new window

0
 
LVL 33

Expert Comment

by:Exchange_Geek
ID: 38292026
To my understanding that is not an option. Technically the explanation is given below, logically let me explain.

Exchange needs to be told like a small boy in school - if boy A brings apple - hand over to boy B, if class A gives you sweets, give it to class B, if school A gives you work, hand over to school B.

The input that you gave niether qualifies as an email address NOR a domain, so Exchange would get confused.

Read the explanation below given from the link

When you use wildcard characters, there must be a period between the wildcard character and the domain name.
You can use wildcard characters only in the internal domain.
No characters can be in front of the wildcard character.

Regards,
Exchange_Geek
0
 

Author Closing Comment

by:802brandon
ID: 38295983
Thanks Exchange_Geek, I was able to resolve this with the vendor. Though your direction has still been informative!
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
Stellar Exchange Toolkit: this 5 in 1 toolkit comes loaded with mega-software tool. Here’s an introduction to tools’ usage and advantages:
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question