[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


MailEssentials blocking local ActiveSync emails; how to fix MIME FROM address?

Posted on 2014-12-04
Medium Priority
Last Modified: 2014-12-10
We have a client that is using GFI MailEssentials for spam filtering on Exchange '03.  In general, ME is very effective and has few false positives.  However, we're having a problems with false positives with ActiveSync emails that are being sent from local addresses to local addresses.  The problem affects both iPhone and Android users.

For example, user1@company.com sends an email from his iPhone to user2@company.com.  The email is received by user2@company.com but it is sent to user2's junk mail folder and ME has flagged it as "[HEADER CHECKING] - Domain does not exist".  This happens consistently and without fail.  

I checked the internet header of the affected emails and they always indicate:
Received: from ([]) by localserver.<client's local domain>.local ([])

Unaffected emails indicate the following:
Received: from subdomain.domain.com ([valid live IP]) by remote.<client's internet domain>.com

I added to the whitelist in ME but that had no effect.  

Under Header Checking in ME, the only box checked is "verify if sender domain is valid (performs DNS lookup on MIME FROM:)".  Unchecking that box stops ActiveSync users' emails from being junk mailed by header checking, but I feel like that's at least slightly compromising the spam filtering ability of ME.  

Why would emails sent via ActiveSync incorrectly report their MIME FROM as the server's local IP address instead of the internet FQDN?  And more importantly, how do I fix it?
Question by:SINC_dmack
  • 2
  • 2
LVL 63

Accepted Solution

Simon Butler (Sembee) earned 2000 total points
ID: 40481912
There is only one answer - and that is to upgrade.

ActiveSync on Exchange 2003 is a version 1 implementation and is full of things like this. You cannot change the configuration. ActiveSync makes a call in to the OWA virtual directory for the data, which is why you have the transfer listed in the way that it is - making a call to the localhost. SBS 2003 even has to make a change to the OWA configuration for it to work correctly.

Exchange 2003 is well past its sell by date for ActiveSync, many of the more recent ActiveSync clients do not work properly with it.

To sum up, you cannot change the behaviour of ActiveSync. Either upgrade or remove the filtering option you have identified in the third party product to allow the message to go through.


Author Comment

ID: 40481960
Thanks, Simon.  I kind of figured as much.  I'm also having issues with remote Outlook clients being able to connect (even though Outlook Anywhere passes diagnostics on testexchangeconnectivity.com) and I can't get Autodiscover to work either, but I've "sort of" been able to work around those issues.

I've suggested to the client that they should definitely budget for upgrading sooner rather than later--hopefully they'll take that to heart.

I'll leave this question open for a few days in case someone else has a Hail Mary response--if not, I'll give you the points.
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40481967
There is no Autodiscover on Exchange 2003. That is Exchange 2007 and higher only.


Author Comment

ID: 40483795
You know, I thought it was rather odd that there was no Autodiscover folder under the default website in IIS.  I checked two other Windows '03 / Exchange '03 servers and they were both missing it as well--now I know why!

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As much as Microsoft wants to kill off PST file support, just as they tried to do with public folders, there are still times when it is useful or downright necessary to export Exchange mailboxes to PST files. Thankfully, it is still possible to e…
With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses

868 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question