Solved

Emails originating from wrong public IP

Posted on 2014-07-27
13
550 Views
Last Modified: 2014-07-28
Hello,

Recently my company has purchased a Zix email encryption gateway. We have added the A, MX and PTR records successfully (Verified with mxtoolbox). To switch between Exchange and Zix simply requires changing the send connector.

Before changing the send connector; Headers correctly show the origination IP - .44 (Our exchange server)
After changing the send connector; Header incorrectly show the originating IP - .2 (Our Sonicwall)

Email flows fine - But because the originating IP in the header is showing our Sonicwall (.2) and not Zix (.88) our emails bounce back from Barracuda and McAfee secured domains.

I've recently changed the send connector back to not use Zix until I can figure out how to correct the header information on emails going through the Zix gateway.

Could someone tell me - In order to change the originating IP in the email header is there a change needed to be made to Exchange or the Sonicwall - And how to do so would be very helpful.

Public IPs end in:
Firewall -               .2
Exchange 2010 -   .44
Zix Gateway -        .88


Thanks!
0
Comment
Question by:RISLA
  • 7
  • 6
13 Comments
 
LVL 1

Expert Comment

by:mcammidge
ID: 40223635
Few things to check. Did the send connector use a smart host prior to the change? If so the NAT on the sonic wall might be configured with that smarthost destination so that it only NATs the server .44 when traffic is going to that old smarthost, if thats the case edit the NAT rule with the new smarthost.

Or did you create a new send connector?

Mark
0
 

Author Comment

by:RISLA
ID: 40223959
Thanks for the reply!

Prior to the change, "Use DNS MX records to route mail automatically" was checked off.

We edited the send connector to instead use "Route mail through the following smart hosts:" and added the new IP (.88)
0
 
LVL 1

Expert Comment

by:mcammidge
ID: 40224013
The .88 ip is that a cloud server or in your network?
0
 

Author Comment

by:RISLA
ID: 40224017
It's in my network.
0
 
LVL 1

Expert Comment

by:mcammidge
ID: 40224025
So the email leaves your network via the .88 box. If you goto whatismyip.com on exchange and the .88 can you confirm what ip shows on each?
0
 

Author Comment

by:RISLA
ID: 40224045
Exchange is showing .44

Zix is a UNIX based system.
- I set the private IP on initial setup, and then set up a NAT: 192.x.x.88 ==> 98.x.x.88

The IP can be confirmed because without the NAT,    The public IP doesn't respond to ping.
0
Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

 
LVL 1

Expert Comment

by:mcammidge
ID: 40224235
Can you paste your NAT rules (taking out some of the IP as you did above for security)
0
 

Author Comment

by:RISLA
ID: 40224308
0
 

Author Comment

by:RISLA
ID: 40224309
Zix has an identical rule. Just different IP
0
 
LVL 1

Accepted Solution

by:
mcammidge earned 500 total points
ID: 40224453
Thats your incoming nat. You need a rule to translate your outgoing. As your .88 server is sending email now youll need to NAT that to use .44 when destination port is 25. Please check there is probably a rule already making traffic source from 192.x.x.44 translated source 98.x.x.44 that is making your exchange use this on outbound connections
0
 

Author Comment

by:RISLA
ID: 40224679
mcammidge, I think you just saved my life.

I'm so used to only NATing inbound I looked right past it.

Waiting on confirmation that we're no longer being blocked, but sent myself a test message and the header read .88

I will mark this question as soon as I get confirmation. THANK YOU!
0
 
LVL 1

Expert Comment

by:mcammidge
ID: 40224681
No problem. NAT can be a pain! Hope all goes well

Mark
0
 

Author Closing Comment

by:RISLA
ID: 40225246
Mcammidge stuck with me until the end. Huge help, definitely wouldn't have seen the NAT was inverted without him.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In 2017, ransomware will become so virulent and widespread that if you aren’t a victim yourself, you will know someone who is.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

939 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now