Solved

exchange 2010 FQDN problem in Message-id

Posted on 2016-09-06
3
63 Views
Last Modified: 2016-09-11
Something happened to my exchange 2010-server, and we're getting "sender IP must resolve" -errors from all over.

The problem is, that I have FQDN set as mail.mydomain.com, but nevertheless in message it shows as servername.mydomain.local (you can see from attached picture and the message header below)

Whatever I put there, it simply keeps pushing out the .local in message-id, and we keep being blocked in antispam.

How do I change that? I'm pretty positive that the root cause for the error message is this .local thing.

Our MX-records for the domain:

mx 1 mail.mydomain.com
mx 10 mail.backupdomain.com
TXT       mydomain.com.       v=spf1 a mx


And here's the message header


Received: from myserver.mydomain.local ([fe80::a9ff:d115:132c:5db3]) by
 myserver.mydomain.local ([fe80::a9ff:d115:132c:5db3%28]) with mapi id
 14.03.0123.003; Wed, 7 Sep 2016 00:52:42 +0300
From: "Me" <address>
To: "TestDude" <address>
Subject: test
Thread-Topic: test
Thread-Index: AdIIiPoMQiQ24arUSU2tIVQ6ZGSnZQ==
Date: Tue, 6 Sep 2016 21:52:41 +0000
Message-ID: <3766E2CABFB74944ACC400AC41D1AAACAF6442E2@myserver2.mydomain.local>
Accept-Language: fi-FI, en-US
Content-Language: fi-FI
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [92.159.55.22]
Content-Type: multipart/alternative;
 boundary="_000_3766E2CABFB74944ACC400AC41D1AAACAF6442E2myserverre_"
MIME-Version: 1.0
fqdnconf.png
0
Comment
Question by:Jarkko Jokelainen
  • 2
3 Comments
 
LVL 39

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 41787126
The @myserver.mydomain.local stuff in there is Exchange Specific internal routing data that spam filters will ignore.

"Sender IP must resolve" means that you don't have Reverse DNS PTR record associated with the public IP address of your Exchange server. You have to contact your ISP and request that they create a PTR record for your IP address that resolves to mydomain.com or mail.mydomain.com.

Many spam filters are set to require a Reverse DNS lookup on any IP addresses that send messages to them. They don't generally pay attention to EHLO or HELO FQDNs because that information is very easily spoofed. The only data that can't be easily spoofed is the IP source, so the filters will attempt to do a Reverse DNS lookup against the IP address. If the lookup doesn't resolve a host name that matches the email domain, the message will be blocked if the spam filter is set to do so.

Edit to add: You can do a reverse DNS lookup by running nslookup <ip address> in CMD. The IP in your post 92.159.55.22 resolves to aaubervilliers-791-1-8-22.w92-159.abo.wanadoo.fr, which is the ISP's default PTR record. You have to get them to change that to match your mail domain.
0
 

Author Comment

by:Jarkko Jokelainen
ID: 41793556
The IP I gave in this description was just a random one, not the one the server uses.
HOWEVER: I decided to check one more time. External IP address was changed slightly, without me knowing it ... Was damn sure the PTR record existed, because I had requested it myself ... Oh well.
0
 

Author Closing Comment

by:Jarkko Jokelainen
ID: 41793557
IP was changed without my knowledge
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question