Solved

Force Exchange 2010 SP3 to use IPv4

Posted on 2013-06-07
5
2,445 Views
Last Modified: 2013-06-10
Hi

We have a pretty standard config on our Exchange Server, static IPv4 address, etc.

We relay all outbound emails through the AntiSpam server.

All of a sudden today everyone was getting Relay Access Denied NDR's, and after speaking with the AntiSpam server provider it seems the reason is because the server is all of a sudden using IPv6 in the headers (which are not in the ACL)

Now this in itself is an inherent problem becuase IPv6 although enabled on the Exchange Server, is not configured.

So I can workaround this issue by adding the IPv6 address into the AntiSpam box as "allowed to relay" but as IPv6 is set to DHCP, it could change?

Ideal solution will be to force it to use IPv4 (but I dont want to remove IPv6 as I have known this to cause issues on Exchange)
0
Comment
Question by:bikerhong
  • 2
  • 2
5 Comments
 
LVL 41

Expert Comment

by:Amit
ID: 39228732
0
 

Author Comment

by:bikerhong
ID: 39228752
I do not want to disable IPv6.

I just want it to stop using IPv6 headers.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39228773
I don't think you can stop IPv6 from appearing in the headers.

Windows uses IPv6 for the internal traffic process. This a really a problem of the antispam server provider. They shouldn't be looking into the headers for content so need to fix their product.

Simon.
0
 

Author Comment

by:bikerhong
ID: 39229162
Thanks Simon.

I'm not sure if I explained myself properly, but basically the AntiSpam box is seeing the source IP of the emails coming from an IPv6 address as opposed to the IPv4.

Due to the fact that the Trusted Hosts setting only containing the IPv4 address the emails are being denied.

On an email sent 3 weeks ago when I know it was all working properly I can see this line in the headers, which I would expect to (Berlin is the host name of the Exchange server and amsterdam is the hostname of the antispam box)

Received: from Berlin.domain.com (berlin.domain.com [192.168.61.40])      by
 amsterdam.domain.com (Postfix) with ESMTP id 8611DACD6C      for
 <someone@somewhere.com>; Fri, 17 May 2013 12:38:29 +0100 (BST)
Received: from BERLIN.domain.com ([fe80::9901:6655:4c36:c990]) by
 Berlin.domain.com ([fe80::9901:6655:4c36:c990%12]) with mapi id 14.03.0123.003;
 Fri, 17 May 2013 12:38:29 +0100

On the NDR headers and messages going out now I only see:

Received: from Berlin.domain.com (unknown [external ip])      by
 antispam.somewhere.com (Postfix) with ESMTP id B3AE727E807      for
 <someone@somewhere>; Fri,  7 Jun 2013 15:16:35 +0100 (BST)
Received: from BERLIN.domain.com ([fe80::9901:6655:4c36:c990]) by
 Berlin.domain.com ([fe80::a12e:e412:4b55:354d%16]) with mapi id 14.03.0123.003;
 Fri, 7 Jun 2013 15:16:34 +0100

From what I can make of it the ipv4 part is missing??
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39231487
The antispam device must support IPv6. Exchange will try and use IPv6 if it can.
You probably have a smart host configured on the server. If that is a host name, change it to an IPv4 IP address, that might help. Otherwise deploy IPv6 - it isn't hard, I have most of my clients using IPv6 internally already.

Simon.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
This video discusses moving either the default database or any database to a new volume.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now