As with many people (according to searches) my client is having email bounced by Microsoft because their recently introduced spam checking system is looking further down the email message Header Block and doing a reverse IP lookup on the internal name of the exchange server. This cannot be an FQDN because when the site was taken over we had to accept what had already been set up.
The scenario is (the names have been changed) that www.fulldomainname.com is their registered domain and all email goes out on to the internet as email@example.com. This has been the case for several years, but in August 2016 hotmail.co.uk/.com and outlook.com addresses started to bounce. No other email bounces.
The name for the internal domain is 'shortdomainname.com' and there are 2 servers, the domain controller called DCDP and the Exchange Server called EXDP. Unfortunately 'shortdomainname.com' is registered and held by someone else, suddenly trying to sell it!
When emails go out, the Message ID and Received From always have 'DCPDEXDP.shortdomainname.com' and what Microsoft's new system appears to be doing is looking up the IP for 'shortdomainname.com' and the IP is of course not the same as where the email came from, and in addition the IP from the 'shortdomainname' site is blacklisted. I have an SPF record that includes 'DCDPEXDP.shortdomainname.com', but on this occasion that is of no use because Microsoft are looking up the IP of 'shortdomainname.com'.
I have blamed Microsoft's new system, but that may not be the case. It may be that some organisation has 'sniffed out' this problem and realized that they could capitalize on my dilemma.
I have looked up whether something can be done via a Shell cmdlet as there are TransportRuleActions for SetHeader and RemoveHeader, but I cannot truly establish whether it is safe to use these - equally I cannot locate anything that gives me the command structure.
I have found some software (that is $200) called Header-Writer, but I don't want to buy that if it only changes one element such as the Message ID - because Microsoft's system may be using the 'Received: from' for their checking.
Any assistance is greatly appreciated.
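
An added example, not part of the original post: a small Python check that lists which hostnames in the `Received` and `Message-ID` headers of a sent message fall outside the public sending domain, so the effect of any header change can be confirmed on a test message. The sample message, the IP address and the function names are constructed for illustration, using the placeholder names from the post.

```python
import re
from email import message_from_string

# Constructed sample of an outbound message (placeholder names from the post,
# documentation-range IP address); not a real captured message.
SAMPLE = """\
Received: from DCDPEXDP.shortdomainname.com (192.0.2.10) by
 DCDPEXDP.shortdomainname.com (192.0.2.10) with Microsoft SMTP Server id
 14.3.0.0; Mon, 15 Aug 2016 09:00:00 +0100
Message-ID: <abc123@DCDPEXDP.shortdomainname.com>
From: email@fulldomainname.com
To: recipient@outlook.com
Subject: test

body
"""

# Hostname that follows "from" or "by" in a Received header.
HOST_RE = re.compile(r"\b(?:from|by)\s+([A-Za-z0-9.-]+\.[A-Za-z]{2,})", re.I)


def under(host, domain):
    """True if host is the domain itself or a subdomain of it."""
    host, domain = host.lower().rstrip("."), domain.lower()
    return host == domain or host.endswith("." + domain)


def leaked_hosts(raw, public_domain):
    """Return (header, hostname) pairs that are not under public_domain."""
    msg = message_from_string(raw)
    found = []
    for value in msg.get_all("Received", []):
        unfolded = " ".join(value.split())  # undo header line folding
        found += [("Received", h) for h in HOST_RE.findall(unfolded)]
    mid = msg.get("Message-ID", "")
    if "@" in mid:
        found.append(("Message-ID", mid.strip().strip("<>").rsplit("@", 1)[1]))
    result = []
    for header, host in found:
        item = (header, host.lower())
        if not under(host, public_domain) and item not in result:
            result.append(item)
    return result


if __name__ == "__main__":
    for header, host in leaked_hosts(SAMPLE, "fulldomainname.com"):
        print(f"{header}: exposes {host}")
```

Save a test message sent to an external mailbox as raw text and pass it in place of `SAMPLE`; an empty result means no hostname outside the public domain is visible in those two headers.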