Exchange 2010 - IP Allow List Not Working

I have two Exchange 2010 servers I manage at different clients where I'm experiencing the same problem. The Exchange anti-spam is enabled on both servers in question. What's occurring is, email sent from specific domains is being rejected regardless of the fact that I have the IP Allow List enabled on each with the sending IP of the problem email domain listed. Despite the IP's appearing in IP Allow List, the server continues to block the messages. I have double verified that both the IP Allow List is enabled and that I have the correct IP addresses listed. I know it's Exchange blocking the messages after reviewing the transport logs where the reason for rejection states, "550 5.7.1 Sender ID (PRA) Domain Does Not Exist." I do have Sender ID enabled and verified that the email domain of this specific sender does not have a SPF record created so it makes perfect sense that the Sender ID test would fail and reject the message aside from the fact that I have it on the IP Allow List. I'm not sure if something is possibly taken precedence over the IP Allow List? I could disable the Sender ID but I'd prefer to know what's causing the issue.

Thanks in advance!
Danstr1Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Michael MachieFull-time technical multi-taskerCommented:
An email can come from multiple different IPs from the same Domain. For instance, a remote User would not have the same IP when working remotely (unless using a Proxy on that IP), but will have the same Domain info. I would attempt to add the entire Domain name to your Safe Sender's List and see how that goes. This will allow anything from that @Domain to pass through regardless of the IP Allow used.
0
Danstr1Author Commented:
The sending IP has remained consistent when I reviewed the transport logs. However, I did add the domain itself to the whitelist in Exchange by performing the steps below. After doing so, email messages are still being blocked. Error message in transport logs states Sender ID as the reason for the failure. I don't understand why Exchange continues to block the emails in questions!?

Set-ContentFilterConfig –BypassedSenderDomain (“domain.com, domain.com”)
0
Danstr1Author Commented:
I ended resolving the issue by disabling the Sender ID filtering in the built-in Exchange anti-spam.  I was hesitant to do so but I do have additional spam mechanisms in place. I still confused as to why the messages in question were continuing to be filtered despite the fact that I had included them in the safe sender's list as well as their domain in the bypassed sender domain. The issue really was on their end since they didn't have SPF records created which is why the messages were being blocked in the first place. We just need a means from time to time to allow specific email domains through since a fair amount of the companies we interact with have limited if any IT support.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Michael MachieFull-time technical multi-taskerCommented:
Sounds like you found the fix. You should close this question as solved by yourself.
0
Danstr1Author Commented:
The is really more of a workaround than a solution.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.