A message sent by a server in the DMZ relayed through an Edge server had the servername in the header address:
Return-Path:
noreply@company.com
Received-SPF:
Fail (sr-XXXX.company.lan: domain of noreply@company.com does
not
designate 333.333.888.130 as permitted sender)
receiver=sr-XXXXX.company.lan;
client-ip=333.333.888.130;
helo=SR-XXXXX.companycom.dmz;
In combination with Forefront protection for Exchange 2010 this led to unwanted spam and messages being bounced at the receiving side.
After searching some fora we came up with this solution:
Add the originating sending server to the whitelist in the Exchange whitelist on both Edge servers.
After this the mail header should look like this:
Received: from SR-XXXXX.company.com.dmz (333.333.888.131)
by mx03.company.com
(333.333.888.25) with Microsoft SMTP Server id
14.3.174.1; Fri, 28 Feb 2014
07:45:22 +0100
Received: from mail pickup service by SR-XXXXX.company.com.dmz with Microsoft
SMTPSVC; Fri, 28 Feb
2014 07:45:21 +0100
MIME-Version: 1.0
From:
Company <noreply@company.com>
To: <email@domain.com>
Date: Fri, 28 Feb 2014 07:45:21 +0100
Subject: Some text
Content-Type: multipart/related;
type="text/html";
boundary="--boundary_57_0ae1edd8-bdc9-4428-b63f-9dffb4757d50"
Message-ID: <SR-XXXXX0het1ULbDlB00018788@SR-XXXXX.company.com.dmz>
X-OriginalArrivalTime: 28 Feb 2014 06:45:21.0601 (UTC)
FILETIME=[A6B60B10:01CF3450]
Return-Path: noreply@company.com
No comments:
Post a Comment