Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Emails originating from wrong public IP

Posted on 2014-07-27
13
556 Views
Last Modified: 2014-07-28
Hello,

Recently my company has purchased a Zix email encryption gateway. We have added the A, MX and PTR records successfully (Verified with mxtoolbox). To switch between Exchange and Zix simply requires changing the send connector.

Before changing the send connector; Headers correctly show the origination IP - .44 (Our exchange server)
After changing the send connector; Header incorrectly show the originating IP - .2 (Our Sonicwall)

Email flows fine - But because the originating IP in the header is showing our Sonicwall (.2) and not Zix (.88) our emails bounce back from Barracuda and McAfee secured domains.

I've recently changed the send connector back to not use Zix until I can figure out how to correct the header information on emails going through the Zix gateway.

Could someone tell me - In order to change the originating IP in the email header is there a change needed to be made to Exchange or the Sonicwall - And how to do so would be very helpful.

Public IPs end in:
Firewall -               .2
Exchange 2010 -   .44
Zix Gateway -        .88


Thanks!
0
Comment
Question by:RISLA
  • 7
  • 6
13 Comments
 
LVL 1

Expert Comment

by:mcammidge
ID: 40223635
Few things to check. Did the send connector use a smart host prior to the change? If so the NAT on the sonic wall might be configured with that smarthost destination so that it only NATs the server .44 when traffic is going to that old smarthost, if thats the case edit the NAT rule with the new smarthost.

Or did you create a new send connector?

Mark
0
 

Author Comment

by:RISLA
ID: 40223959
Thanks for the reply!

Prior to the change, "Use DNS MX records to route mail automatically" was checked off.

We edited the send connector to instead use "Route mail through the following smart hosts:" and added the new IP (.88)
0
 
LVL 1

Expert Comment

by:mcammidge
ID: 40224013
The .88 ip is that a cloud server or in your network?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:RISLA
ID: 40224017
It's in my network.
0
 
LVL 1

Expert Comment

by:mcammidge
ID: 40224025
So the email leaves your network via the .88 box. If you goto whatismyip.com on exchange and the .88 can you confirm what ip shows on each?
0
 

Author Comment

by:RISLA
ID: 40224045
Exchange is showing .44

Zix is a UNIX based system.
- I set the private IP on initial setup, and then set up a NAT: 192.x.x.88 ==> 98.x.x.88

The IP can be confirmed because without the NAT,    The public IP doesn't respond to ping.
0
 
LVL 1

Expert Comment

by:mcammidge
ID: 40224235
Can you paste your NAT rules (taking out some of the IP as you did above for security)
0
 

Author Comment

by:RISLA
ID: 40224308
0
 

Author Comment

by:RISLA
ID: 40224309
Zix has an identical rule. Just different IP
0
 
LVL 1

Accepted Solution

by:
mcammidge earned 500 total points
ID: 40224453
Thats your incoming nat. You need a rule to translate your outgoing. As your .88 server is sending email now youll need to NAT that to use .44 when destination port is 25. Please check there is probably a rule already making traffic source from 192.x.x.44 translated source 98.x.x.44 that is making your exchange use this on outbound connections
0
 

Author Comment

by:RISLA
ID: 40224679
mcammidge, I think you just saved my life.

I'm so used to only NATing inbound I looked right past it.

Waiting on confirmation that we're no longer being blocked, but sent myself a test message and the header read .88

I will mark this question as soon as I get confirmation. THANK YOU!
0
 
LVL 1

Expert Comment

by:mcammidge
ID: 40224681
No problem. NAT can be a pain! Hope all goes well

Mark
0
 

Author Closing Comment

by:RISLA
ID: 40225246
Mcammidge stuck with me until the end. Huge help, definitely wouldn't have seen the NAT was inverted without him.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
Ransomware is a growing menace to anyone using a computer or mobile device. Here are answers to some common questions about this vicious new form of malware.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question