Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2881
  • Last Modified:

Force Exchange 2010 SP3 to use IPv4

Hi

We have a pretty standard config on our Exchange Server, static IPv4 address, etc.

We relay all outbound emails through the AntiSpam server.

All of a sudden today everyone was getting Relay Access Denied NDR's, and after speaking with the AntiSpam server provider it seems the reason is because the server is all of a sudden using IPv6 in the headers (which are not in the ACL)

Now this in itself is an inherent problem becuase IPv6 although enabled on the Exchange Server, is not configured.

So I can workaround this issue by adding the IPv6 address into the AntiSpam box as "allowed to relay" but as IPv6 is set to DHCP, it could change?

Ideal solution will be to force it to use IPv4 (but I dont want to remove IPv6 as I have known this to cause issues on Exchange)
0
bikerhong
Asked:
bikerhong
  • 2
  • 2
1 Solution
 
AmitIT ArchitectCommented:
0
 
bikerhongAuthor Commented:
I do not want to disable IPv6.

I just want it to stop using IPv6 headers.
0
 
Simon Butler (Sembee)ConsultantCommented:
I don't think you can stop IPv6 from appearing in the headers.

Windows uses IPv6 for the internal traffic process. This a really a problem of the antispam server provider. They shouldn't be looking into the headers for content so need to fix their product.

Simon.
0
 
bikerhongAuthor Commented:
Thanks Simon.

I'm not sure if I explained myself properly, but basically the AntiSpam box is seeing the source IP of the emails coming from an IPv6 address as opposed to the IPv4.

Due to the fact that the Trusted Hosts setting only containing the IPv4 address the emails are being denied.

On an email sent 3 weeks ago when I know it was all working properly I can see this line in the headers, which I would expect to (Berlin is the host name of the Exchange server and amsterdam is the hostname of the antispam box)

Received: from Berlin.domain.com (berlin.domain.com [192.168.61.40])      by
 amsterdam.domain.com (Postfix) with ESMTP id 8611DACD6C      for
 <someone@somewhere.com>; Fri, 17 May 2013 12:38:29 +0100 (BST)
Received: from BERLIN.domain.com ([fe80::9901:6655:4c36:c990]) by
 Berlin.domain.com ([fe80::9901:6655:4c36:c990%12]) with mapi id 14.03.0123.003;
 Fri, 17 May 2013 12:38:29 +0100

On the NDR headers and messages going out now I only see:

Received: from Berlin.domain.com (unknown [external ip])      by
 antispam.somewhere.com (Postfix) with ESMTP id B3AE727E807      for
 <someone@somewhere>; Fri,  7 Jun 2013 15:16:35 +0100 (BST)
Received: from BERLIN.domain.com ([fe80::9901:6655:4c36:c990]) by
 Berlin.domain.com ([fe80::a12e:e412:4b55:354d%16]) with mapi id 14.03.0123.003;
 Fri, 7 Jun 2013 15:16:34 +0100

From what I can make of it the ipv4 part is missing??
0
 
Simon Butler (Sembee)ConsultantCommented:
The antispam device must support IPv6. Exchange will try and use IPv6 if it can.
You probably have a smart host configured on the server. If that is a host name, change it to an IPv4 IP address, that might help. Otherwise deploy IPv6 - it isn't hard, I have most of my clients using IPv6 internally already.

Simon.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now