Solved

email issue

Posted on 2014-12-29
Last Modified: 2015-01-06
Hi Experts,

I have a client who is experiencing the following email issues. Please see below

They are having an intermittent issue with email and company B rejecting their email to us, indicating an old DNS.

Can anyone point me in the right direction?

Please consider all spots to check and resolve this issue.

Exchange Hybrid environment [Exchange 2010, Office 365 and ADFS Windows 2008 servers in an NLB]
Question by:Jerry Seinfield
 
LVL 10

Expert Comment

by:Michael Ian Claridge
ID: 40522318
Hello,

Needless to say, DNS will need to be correct. Also, there is likely to be an SPF record; this essentially validates the sending IP address against the domain DNS. This will need to be of the same IP range as the sending server, that being the external-facing IP, not any internal NAT'd address.

I hope this helps.

Michael
0
 

Author Comment

by:Jerry Seinfield
ID: 40522365
So, where should I check for the SPF record and follow your instructions: on the company sending or receiving the email? Source or target company?

Please advise
0
 
LVL 10

Expert Comment

by:Michael Ian Claridge
ID: 40522391
Hello,

This will be for the external facing DNS of the company sending the email if I have interpreted this correctly.

MXTOOLBOX have a txt and spf check:

http://mxtoolbox.com/

Regards

Michael
0
 

Author Comment

by:Jerry Seinfield
ID: 40522446
Michael,
Is there an email where I can send you private screenshots of the error and configuration?
0
 
LVL 12

Expert Comment

by:Chris Staunton
ID: 40522471
Your SPF record probably contains the on-prem IP address of your older mail server and not the new Microsoft ones. You will need to update your SPF to contain those IPs as well.
It should look similar to this:

"v=spf1 include:spf.protection.outlook.com ip4:68.232.143.88 ip4:68.232.141.190 -all"
0
 

Author Comment

by:Jerry Seinfield
ID: 40522559
Lilshooter, where should I look at that SPF record? Client uses a Symantec Brightmail as spam gateway. Please provide details to check these settings

See also NDR attached, and MBXTOOL report, and let me know your thoughts

Email flows from Exchange 2010 ----> Symantec BrightMail ----> Internet

This only happens when sending emails to a specific company. Sending emails to other companies is OK
NDR.jpg
NDRGeneratedbySymantecBrightmail.txt
0
 

Author Comment

by:Jerry Seinfield
ID: 40522711
Can I please get an update on the last comments?
0
 
LVL 12

Expert Comment

by:Chris Staunton
ID: 40523757
Your SPF record is contained in your DNS records. Look for a TXT record that contains the SPF line in it. This is where the IP addresses/names of old mail servers will reside; you will need to add the new servers to that list.
0
 

Author Comment

by:Jerry Seinfield
ID: 40523807
Any comments on the NDR and screenshot attached? When you say look for a TXT record that contains an SPF line, is that on the external DNS record? What about the Symantec spam gateway? What type of DNS record are we talking about here?

Can you please provide an example of the file and line to look at?

For instance, if the external DNS solution provider is Network Solutions, where should we look?
0
 

Author Comment

by:Jerry Seinfield
ID: 40524034
Gentlemen, can someone please respond to this ASAP?
0
 
LVL 12

Accepted Solution

by:
Chris Staunton earned 500 total points
ID: 40524104
So if you're hosted at Network Solutions, you will need to log in to the accounts management screen and locate the DNS records for the domain. You will see A records and CNAME records, and what you're looking for is a TXT record set up like the one above. Use http://mxtoolbox.com/DNSLookup.aspx to check your DNS records.

As for the attached 5.0.0 smtp 554 error NDR, that's a rejected message due to spam content; this is most likely caused by the missing SPF record.
0
 

Author Comment

by:Jerry Seinfield
ID: 40524131
Hi Lilshooter,

I got another NDR with another company:

#< #5.7.0 smtp; 550 5.7.0 Local Policy Violation - SPF Failure

So, most likely it is an SPF record that needs to be updated?

Please see the screenshot with the external DNS settings for my client

Look at the TXT record for SPF; it does not contain any values. Is here where I have to enter the public IP of my? Please provide details
AmMXrecords.jpg
AmTextSrvRecords.jpg
0
 
LVL 12

Expert Comment

by:Chris Staunton
ID: 40524211
So from your AmTextSrvRecords.jpg, you should also have a record of the outside IP and name of the Received: from mail.CompanySending.com (prodexch2010r2.CompanySending.com [10.0.21.60]) machine

generally it's the hide address of the network connection or if you are using a separate IP altogether for the SMTP host.

Your SPF record should look like this:  amalienet.com.  IN TXT "v=spf1 ip4:4.35.1.70  ip4:68.232.143.88 ip4:68.232.141.190 include:spf.protection.outlook.com include:mail.amalienet.com ~all"
0
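As an added example (not code from any poster in this thread), the sketch below checks offline whether a given sending IP is covered by the SPF record proposed above. The function names are hypothetical, the `MS=` value is a constructed placeholder standing in for the domain's other TXT records, and `include:` targets are only reported, not resolved, because no DNS lookups are made.

```python
import ipaddress

# Constructed TXT record set: the SPF string is the one suggested in the thread;
# the "MS=" entry is a placeholder for the domain's other TXT records.
TXT_RECORDS = [
    "MS=ms00000000",
    "v=spf1 ip4:4.35.1.70 ip4:68.232.143.88 ip4:68.232.141.190 "
    "include:spf.protection.outlook.com include:mail.amalienet.com ~all",
]

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def select_spf(txt_records):
    """Return the single SPF record among a name's TXT records.

    RFC 7208: no SPF record means 'none'; more than one is a permerror.
    """
    spf = [r for r in txt_records
           if r.lower() == "v=spf1" or r.lower().startswith("v=spf1 ")]
    if len(spf) != 1:
        raise ValueError("none" if not spf else "permerror: multiple SPF records")
    return spf[0]


def evaluate(record, sender_ip):
    """Evaluate ip4/ip6/all terms left to right without DNS.

    Returns (result, deferred_includes). A result reached after skipping
    includes only holds if none of those includes would have matched.
    Each include target must itself publish an SPF record, otherwise a
    real evaluation ends in permerror.
    """
    ip = ipaddress.ip_address(sender_ip)
    deferred = []
    for term in record.split()[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        name = name.lower()
        if name in ("ip4", "ip6"):
            if ip in ipaddress.ip_network(value, strict=False):
                return QUALIFIERS[qualifier], deferred
        elif name == "include":
            deferred.append(value)
        elif name == "all":
            return QUALIFIERS[qualifier], deferred
    return "neutral", deferred
```

Running `evaluate(select_spf(TXT_RECORDS), ip)` with the gateway's public address and with the internal `10.0.21.60` address from the NDR header shows why the external-facing IP, not the NAT'd one, has to be listed.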
 
LVL 12

Expert Comment

by:Chris Staunton
ID: 40524501
febenitezc, any luck getting this sorted out?
0
 

Author Comment

by:Jerry Seinfield
ID: 40525412
Chris, I got a communication from the client with the following question

From client

"I’ve had some communication with the team, and I have been advised to remove these two TXT records from the xxxxxx.com domain:"

Please see screenshots, they look to leave only one TXT record with the spf option by default

Do you believe this is going to resolve this issue? I am not aware of any SPF implementation for this company, but since this is an Exchange Hybrid environment, I am not sure if we must enter on the SPF record the public IP requested above

Please advise
Am-TXT-records.jpg
AM2TXTRecords.jpg
0
 

Author Comment

by:Jerry Seinfield
ID: 40525443
Any updates?
0
 
LVL 12

Expert Comment

by:Chris Staunton
ID: 40525558
Those are TXT records that are tied to the O365 tenant; I would not remove them unless MS tells you to do so. Have you adjusted the SPF record yet?
0
 

Author Comment

by:Jerry Seinfield
ID: 40525590
Chris, not sure if I explained the mail flow for this client

Client has one send connector to Office 365 and another send connector for outbound email [goes to Symantec BrightMail spam gateway], and I am not sure which IP should be entered on the SPF record. I know that it should be a public IP, but not sure which one

On the other hand, are all Office 365 hybrid deployments required to update their SPF records? Please advise
0
 
LVL 12

Expert Comment

by:Chris Staunton
ID: 40525612
You can have both; the SPF record I posted for you earlier has all the right settings for all the IPs. You can simply back up the current one you have, and replace it with the one I posted for you.
0
