Link to home
Start Free TrialLog in
Avatar of omzeyad
omzeyad

asked on

the internal virtual IP of network balance hub cas sever is written in the reply of postmaster

Althought I removed the  ms-Exch-Send-Headers-Routing from the user NT AUTHORITY\ANONYMOUS LOGON in the send connector and
and the name of our internal server doesn't appear in the  message header of the sent message
the  internal virtual IP of network balance hub cas sever is written in the reply of postmaster to an external mail  as shown below ,what can i do to

 
#550 5.7.11 this user is not exist ##

Original message headers:


Received: from mail-iy0-f180.google.com (209.85.210.180) by mail.mydomain.com
 (virtual internal IP of nework load balanced servers) with Microsoft SMTP Server (TLS) id 14.1.323.3; Thu, 30 Aug
 2012 11:23:25 +0200


my topology :

I have 2 mailbox mbx1 and mbx2 server members in DAG1 group
I have 2 network load balance servers hubcas1 and hubcas2
2 active directory
Avatar of Bembi
Bembi
Flag of Germany image

It looks like that the stamp is made while receiving the original message?
Received from Google by YourExchnage....

So you may try also
Ms-Exch-Accept-Headers-Routing

If this is the case it may also cut off the stamp for other received mails...
Avatar of omzeyad
omzeyad

ASKER

Dear Bembi,

no it is not the case ,I tried to remove the Ms-Exch-Accept-Headers-Routing from the two intrenet receive coonnector I have and the default receive connector too but nothing changed


also |I tried to remove headers permission from the send connector I have
here is a breakdown-list of what I have removed :

 mydomain\Exchange Servers
 {ms-Exch-Send-Headers-Organization}

 mydomain\Exchange Servers
 {ms-Exch-Send-Headers-Forest}

 mydomain\Exchange Servers
 {ms-Exch-Send-Headers-Routing}

 MS Exchange\Partner Servers
 {ms-Exch-Send-Headers-Routing}

 MS Exchange\Hub Transport Servers
 {ms-Exch-Send-Headers-Forest}

 MS Exchange\Hub Transport Servers
 {ms-Exch-Send-Headers-Organization}

 MS Exchange\Hub Transport Servers
 {ms-Exch-Send-Headers-Routing}

 MS Exchange\Edge Transport Servers
 {ms-Exch-Send-Headers-Forest}

 MS Exchange\Edge Transport Servers
 {ms-Exch-Send-Headers-Routing}

 MS Exchange\Edge Transport Servers
 {ms-Exch-Send-Headers-Organization}

 MS Exchange\Externally Secured Servers
 {ms-Exch-Send-Headers-Routing}

 MS Exchange\Legacy Exchange Servers
 {ms-Exch-Send-Headers-Routing}
The base point of my idea was the following....
If you send a message, the routing information is put into the header...
You stopped this by ms-Exch-Send.....

As I see in the routing, I assume you tried to send a mail from google to your server to an unknown address and got back the NDR with the message above.

The mail was stamped while receiving, means ms-Exch-Send... can not work. It must have to do with Ms-Exch-Accept...

Have you tried to set them analog the  ms-Exch-Send..... settings?
So Ms-Exch-Accept... with Routing, Organisation, Forest?
Avatar of omzeyad

ASKER

yes I removed the Ms-Exch-Accept-Headers-Routing from the 2 internet receive connector and the default receive connector but nothing changed as I told you ,and kindly be noted that I want to remove the original header from the reply of the postmaster as you can see below :

this NDR is generated as I configured up mailbox  to receive only messages from authenticated users ,so naturally if I sent from gmail to this account I will got an NDR ,I just want to remove the original header from the NDR

Delivery has failed to these recipients or groups:

up@mydomain.com.eg
Your message can't be delivered because delivery to this address is restricted.

Diagnostic information for administrators:

Generating server: mydomain.com.eg

up@mydomain.com.eg
#550 5.7.1 RESOLVER.RST.NotAuthorized; not authorized ##

Original message headers:

Received: from mail-ie0-f180.google.com (209.85.223.180) by mail.mydomain.com.eg
 (myinternal IP) with Microsoft SMTP Server (TLS) id 14.1.323.3; Tue, 4 Sep
 2012 13:26:11 +0200
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:date:message-id:subject:from:to:content-type;
        bh=vJC5xKBe9DOwUv0iqMtqWqPN0sSHLAmUzOBsYt2OMs8=;
        b=e4ZpZgm/Xow7bWe3O9s2afC6cZPNXeMm4ND340jkSHijVpOI9S3CyWgendk38jKNKS
         Mos3sLwDbOn25IcyP1YJRqTVarg+++NqOjIetDscHL9o8noGmA5d9JM/KIM31AFN06ec
         QVSSJoKs7AIbe+qWXeJJbVGUz6JvsDnLsD3KfD6kCkJ8/vWlUCSghBeweL2x5XAKHpQJ
         857O7n8Bw5BwhHmYilluB4wkHan1QkTZP70y0m+mylr22I/MtMyPAFBCT6Js7ZovHarP
         AJ5hkhYx4zB5Yossxdf36ohc5JU2PrruCGKdBpy/D7TGJRyCxNSGYjDiBGqcckD/rhh7
         pi3w==
MIME-Version: 1.0
Date: Tue, 4 Sep 2012 13:33:38 +0200
Message-ID: <CAFE6j3xkGN78XxSSOsR8pdJ49kJE6t8iV-iN743uvg-GmUD=8g@mail.gmail.com>
Subject: partner-routing
From: nashwa Zaki <nashwa.sowelam@gmail.com>
To: <up@mydomain.com.eg>
Content-Type: multipart/alternative; boundary="14dae9340e0b20222204c8dea11a"
Return-Path: nashwa.sowelam@gmail.com
Received-SPF: Pass (HC01.mydomaindc.local: domain of nashwa.sowelam@gmail.com
 designates 209.85.223.180 as permitted sender)
 receiver=HC01.mydomaindc.local; client-ip=209.85.223.180;
 helo=mail-ie0-f180.google.com;


Final-Recipient: rfc822;up@mydomain.com.eg
Action: failed
Status: 5.7.1
Diagnostic-Code: smtp;550 5.7.1 RESOLVER.RST.NotAuthorized; not authorized
Yes, nevertheless I come back to my statement....
a.) You send a mail to your server.
--> Receive --> Mail is stamped...
b.) Your server produces an NDR and puts the original header (the header from the receiving, which is stamped) into the NDR.

That means, in my mind, you can only avoid it, if you do NOT allow the stamping of incoming emails.

The sending filter removes the header from the outgoing mail, but not from the content, which is put into the NDR.

Another option may be, at least for this case, to use the anti-spam functionality and set the "Block messages sent to recipients not listed in the Global Address List" of the Recipient Filtering option. This at least changes the NDR and does not send a header information.

Or you may just customize the settings for the NDRs
http://www.msexchange.org/articles_tutorials/exchange-server-2007/management-administration/customising-delivery-status-notification-messages.html
Avatar of omzeyad

ASKER

Dear Bembi

thanks for your patience in advance and your kind support

Let me change the question the problem is not about NDR regarding non-existing user my server also generate NDR for mailboxex that only accepts message from authenticated users .

the problem in in the diagnostic information of the NDR itself ,as you know every NDR has 2 section user section and Diagnostic Information for Administrators

the diagnostic information for administrators display the virtual internal ip of the network load balanced hub-cas servers .  as you see in the previous post

did you got me
> also generate NDR for mailboxex that only accepts
The idea was just in general to use customized NDRs, you can create them for every return code...

But you are right, the extended information may there too...

So comming back to Ms-Exch-Accept-xxx
to avoid the stamping of the original incoming mail, which is put into the NDR?
ASKER CERTIFIED SOLUTION
Avatar of omzeyad
omzeyad

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of omzeyad

ASKER

as my solution solved the problem