Solved

Email Delivery to a Distribution Group and message tracking that email

Posted on 2014-04-23
4
344 Views
Last Modified: 2015-06-25
This is a very odd situation and it involves two somewhat related issues.  

1. We are using Proofpoint for a SPAM filter and have had no major issues until I recently created 4 mail enabled security groups. I was informed that external emails were not being delivered to these groups.  I performed a search on our Proofpoint site, found the emails in question, which had a Status of sent.  The MTA log shows me that it has indeed been delivered to our CAS server (Hub Transport).   As far as I can tell,  this is only occurring with groups which have been created since we started using Proofpoint.   All pre-existing groups are functioning correctly.   But Proofpoint points to the fact that message is being sent and is telling me it's not their problem and I need to track the message internally.  

2. Whether I run a powershell command (get-messagetrackinglog etc. ) or run the exchange troubleshooting assistant, using the SPECIFIC Internal message ID number. I always get back no results found, which is impossible.  
ANy thoughts would be appreciated.
0
Comment
Question by:dpvone
4 Comments
 
LVL 9

Expert Comment

by:Derek Schauland
ID: 40048085
If you can see the messages in the spam filter, can you redirect the message to yourself to see if changing the mailflow allows the message to land?  It sounds like the email messages are being mishandled when they get to the hub transport.  Perhaps having the message forwarded from the console at the spam filter to another user (if possible) will get you started down the right path.

Have you tried the exchange connectivity analyzer http://testconnectivity.microsoft.com for inbound smtp email using one of these groups as the target?
0
 

Accepted Solution

by:
dpvone earned 0 total points
ID: 40059592
Thanks,  I found the issue and it actually makes the behavior described above make sense.   In Exchange 2010 (don't know about 2007)  when a distribution group is created, Exchange by default turns on a parameter to only allow email from authenticated users:  Properties > Mail Flow Settings > Mail Delivery Restrictions > Checkbox is turned on "Require that all senders are authenticated" .  I unchecked this box and the group could then receive external email.

SO anyone who doesn't authenticate on the domain, in other words ALL external email,  cannot send email to the group and there is no bounce back or message.  The spam filter delivers it because the group is defined there but Exchange never has any record of the message.  While I can understand somewhat the need to limit external access to a distribution list this should not be turned on by default.   Many companies I've worked for use lists for a wide variety of reasons, many of which are to manage email from external addresses.  We for example use them for contest responses, surveys, and to interact with business partners.  We also use lists when registering for products, support, or forums ( such as this site) so that responses and information are disseminated to the entire group.
0
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 40850264
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Digital marketing agencies have encountered both the opportunities and difficulties that emerge from working with a wide-ranging organizations.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question