03 March 2014

Edge server marks relayed sent item as spam

We had a case of "WTF", why is it doing this?
A message sent by a server in the DMZ relayed through an Edge server had the servername in the header address:

Return-Path: noreply@company.com
Received-SPF: Fail (sr-XXXX.company.lan: domain of noreply@company.com does
not designate 333.333.888.130 as permitted sender)
receiver=sr-XXXXX.company.lan; client-ip=333.333.888.130;

helo=SR-XXXXX.companycom.dmz;

In combination with Forefront protection for Exchange 2010 this led to unwanted spam and messages being bounced at the receiving side.

After searching some fora we came up with this solution:

Add the originating sending server to the whitelist in the Exchange whitelist on both Edge servers.


After this the mail header should look like this:

Received: from SR-XXXXX.company.com.dmz (333.333.888.131) by mx03.company.com
(333.333.888.25) with Microsoft SMTP Server id 14.3.174.1; Fri, 28 Feb 2014
07:45:22 +0100
Received: from mail pickup service by SR-XXXXX.company.com.dmz with Microsoft
SMTPSVC;      Fri, 28 Feb 2014 07:45:21 +0100
MIME-Version: 1.0
From: Company <noreply@company.com>
To: <email@domain.com>
Date: Fri, 28 Feb 2014 07:45:21 +0100
Subject: Some text
Content-Type: multipart/related; type="text/html";
        boundary="--boundary_57_0ae1edd8-bdc9-4428-b63f-9dffb4757d50"
Message-ID: <SR-XXXXX0het1ULbDlB00018788@SR-XXXXX.company.com.dmz>
X-OriginalArrivalTime: 28 Feb 2014 06:45:21.0601 (UTC) FILETIME=[A6B60B10:01CF3450]
Return-Path: noreply@company.com

No comments:

Post a Comment