Solved

exchange 2010 FQDN problem in Message-id

Posted on 2016-09-06
3
76 Views
Last Modified: 2016-09-11
Something happened to my exchange 2010-server, and we're getting "sender IP must resolve" -errors from all over.

The problem is, that I have FQDN set as mail.mydomain.com, but nevertheless in message it shows as servername.mydomain.local (you can see from attached picture and the message header below)

Whatever I put there, it simply keeps pushing out the .local in message-id, and we keep being blocked in antispam.

How do I change that? I'm pretty positive that the root cause for the error message is this .local thing.

Our MX-records for the domain:

mx 1 mail.mydomain.com
mx 10 mail.backupdomain.com
TXT       mydomain.com.       v=spf1 a mx


And here's the message header


Received: from myserver.mydomain.local ([fe80::a9ff:d115:132c:5db3]) by
 myserver.mydomain.local ([fe80::a9ff:d115:132c:5db3%28]) with mapi id
 14.03.0123.003; Wed, 7 Sep 2016 00:52:42 +0300
From: "Me" <address>
To: "TestDude" <address>
Subject: test
Thread-Topic: test
Thread-Index: AdIIiPoMQiQ24arUSU2tIVQ6ZGSnZQ==
Date: Tue, 6 Sep 2016 21:52:41 +0000
Message-ID: <3766E2CABFB74944ACC400AC41D1AAACAF6442E2@myserver2.mydomain.local>
Accept-Language: fi-FI, en-US
Content-Language: fi-FI
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [92.159.55.22]
Content-Type: multipart/alternative;
 boundary="_000_3766E2CABFB74944ACC400AC41D1AAACAF6442E2myserverre_"
MIME-Version: 1.0
fqdnconf.png
0
Comment
Question by:Jarkko Jokelainen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 41

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 41787126
The @myserver.mydomain.local stuff in there is Exchange Specific internal routing data that spam filters will ignore.

"Sender IP must resolve" means that you don't have Reverse DNS PTR record associated with the public IP address of your Exchange server. You have to contact your ISP and request that they create a PTR record for your IP address that resolves to mydomain.com or mail.mydomain.com.

Many spam filters are set to require a Reverse DNS lookup on any IP addresses that send messages to them. They don't generally pay attention to EHLO or HELO FQDNs because that information is very easily spoofed. The only data that can't be easily spoofed is the IP source, so the filters will attempt to do a Reverse DNS lookup against the IP address. If the lookup doesn't resolve a host name that matches the email domain, the message will be blocked if the spam filter is set to do so.

Edit to add: You can do a reverse DNS lookup by running nslookup <ip address> in CMD. The IP in your post 92.159.55.22 resolves to aaubervilliers-791-1-8-22.w92-159.abo.wanadoo.fr, which is the ISP's default PTR record. You have to get them to change that to match your mail domain.
0
 

Author Comment

by:Jarkko Jokelainen
ID: 41793556
The IP I gave in this description was just a random one, not the one the server uses.
HOWEVER: I decided to check one more time. External IP address was changed slightly, without me knowing it ... Was damn sure the PTR record existed, because I had requested it myself ... Oh well.
0
 

Author Closing Comment

by:Jarkko Jokelainen
ID: 41793557
IP was changed without my knowledge
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question