Solved

exchange 2010 FQDN problem in Message-id

Posted on 2016-09-06
3
41 Views
Last Modified: 2016-09-11
Something happened to my exchange 2010-server, and we're getting "sender IP must resolve" -errors from all over.

The problem is, that I have FQDN set as mail.mydomain.com, but nevertheless in message it shows as servername.mydomain.local (you can see from attached picture and the message header below)

Whatever I put there, it simply keeps pushing out the .local in message-id, and we keep being blocked in antispam.

How do I change that? I'm pretty positive that the root cause for the error message is this .local thing.

Our MX-records for the domain:

mx 1 mail.mydomain.com
mx 10 mail.backupdomain.com
TXT       mydomain.com.       v=spf1 a mx


And here's the message header


Received: from myserver.mydomain.local ([fe80::a9ff:d115:132c:5db3]) by
 myserver.mydomain.local ([fe80::a9ff:d115:132c:5db3%28]) with mapi id
 14.03.0123.003; Wed, 7 Sep 2016 00:52:42 +0300
From: "Me" <address>
To: "TestDude" <address>
Subject: test
Thread-Topic: test
Thread-Index: AdIIiPoMQiQ24arUSU2tIVQ6ZGSnZQ==
Date: Tue, 6 Sep 2016 21:52:41 +0000
Message-ID: <3766E2CABFB74944ACC400AC41D1AAACAF6442E2@myserver2.mydomain.local>
Accept-Language: fi-FI, en-US
Content-Language: fi-FI
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [92.159.55.22]
Content-Type: multipart/alternative;
 boundary="_000_3766E2CABFB74944ACC400AC41D1AAACAF6442E2myserverre_"
MIME-Version: 1.0
fqdnconf.png
0
Comment
Question by:Jarkko Jokelainen
  • 2
3 Comments
 
LVL 38

Accepted Solution

by:
Adam Brown earned 500 total points
Comment Utility
The @myserver.mydomain.local stuff in there is Exchange Specific internal routing data that spam filters will ignore.

"Sender IP must resolve" means that you don't have Reverse DNS PTR record associated with the public IP address of your Exchange server. You have to contact your ISP and request that they create a PTR record for your IP address that resolves to mydomain.com or mail.mydomain.com.

Many spam filters are set to require a Reverse DNS lookup on any IP addresses that send messages to them. They don't generally pay attention to EHLO or HELO FQDNs because that information is very easily spoofed. The only data that can't be easily spoofed is the IP source, so the filters will attempt to do a Reverse DNS lookup against the IP address. If the lookup doesn't resolve a host name that matches the email domain, the message will be blocked if the spam filter is set to do so.

Edit to add: You can do a reverse DNS lookup by running nslookup <ip address> in CMD. The IP in your post 92.159.55.22 resolves to aaubervilliers-791-1-8-22.w92-159.abo.wanadoo.fr, which is the ISP's default PTR record. You have to get them to change that to match your mail domain.
0
 

Author Comment

by:Jarkko Jokelainen
Comment Utility
The IP I gave in this description was just a random one, not the one the server uses.
HOWEVER: I decided to check one more time. External IP address was changed slightly, without me knowing it ... Was damn sure the PTR record existed, because I had requested it myself ... Oh well.
0
 

Author Closing Comment

by:Jarkko Jokelainen
Comment Utility
IP was changed without my knowledge
0

Featured Post

Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

Join & Write a Comment

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now