Server's email address ??

Hi can anyone help me with finding the servers email address in exchange 2k3

reason I'm' asking is I have an admin from another company telling me he needs to white list our server's email address not our domain.

he wants to know what email address is used for sender verifacation

Comments

  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    Check the headers of one of the emails you send to yourself, it should have a "received from" followed by a name and the ip address of your server. maybe that's what he wants? It should just be [email protected] or something though.
    All things are possible, only believe.
  • SmallguySmallguy Member Posts: 597
    sprkymrk wrote:
    Check the headers of one of the emails you send to yourself, it should have a "received from" followed by a name and the ip address of your server. maybe that's what he wants? It should just be [email protected] or something though.

    thank you

    I posted another thread

    http://techexams.net/forums/viewtopic.php?t=32439


    this is why he wants the information

    and this is exactly what he asked for incase there is a misunderstanding between us

    "in regards to sender verification

    Many servers do this as an effort to avoid spam, making sure we can actually mail back to the sender. It has a nice little name for it, but I call it sender verification.

    The question that I originally asked you was what is the email address the abcmail uses to verify and you never answered it. For example, [email protected] sends a message to [email protected]. I seriously doubt that abcmail says HELO "I'm [email protected] trying to RCPT to [email protected]”. Most likely it is something like [email protected] or [email protected]. What is the email address that abcmail uses to perform sender verification???? To be perfectly honest, it's most likely not [email protected] because if it was, our server will approve it and thus your server would not fail sender verification. It's probably something like [email protected] or whatever which we do not have listed as an approved address and therefore your attempt to verify sender is failing with us and subsequently failing at abcmail and ultimately not being delivered to [email protected]. Follow??? This would explain why mydomain.com can always send to us, but we cannot (from time to time) send to mydomain.com. Your verification process is failing on our end because we don't know from what email address abcmail is attempting to verify messages we send."



    any idea???
  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    As far as I know, sender verification is commonly done as a bounce message. If his server is rejecting bounce messages, that's his problem, not yours.
    All things are possible, only believe.
  • SmallguySmallguy Member Posts: 597
    sprkymrk wrote:
    As far as I know, sender verification is commonly done as a bounce message. If his server is rejecting bounce messages, that's his problem, not yours.

    I do agree with you there

    problem is he is becoming increasingly more frustrating to deal with and pretty unprofessional

    I am going to suggest that he white list my mx record IP

    it is my understanding that if he does this any email coming from my mail exchanger will be accepted regardless of what email address it is coming from

    this should resolve this issue if it is what he is claiming
  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    Are you running an Exchange server? You can check here to see if you are using Sender Verification:

    To specify Sender ID filtering options:

    Start System Manager
    Double-click Global Settings.
    Right-click Message Delivery, and then click Properties.
    Click the Sender ID Filtering tab.

    You can tell it to "Accept" even if verification fails, then see if that clears up your problem.
    All things are possible, only believe.
  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    Sender ID filtering doesn't use an e-mail address for a server for verification. It uses an SPF record within the sending server's DNS to verify that the sending server is in the SPF record which is a list of allowed SMTP Sending servers for that domain. If you have Sender ID filtering turned on, and the sending domain doesn't have an SPF record with their sending server, it'll increase the SCL value of the sending message and it can block the message depending on configuration.

    So for example, if you have Sender ID filtering turned on, the other org sends mail, you have it set to reject mail from servers that don't have SPF, it'll reject their e-mail. Tell that organization to create an SPF record or turn off your sender id filtering or keep sender id on but tell it to accept messages so when the message hits IMF, IMF will take the Sender ID failure into consideration when adjusting SCL for acceptance/rejection.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • SmallguySmallguy Member Posts: 597
    Thanks guys

    I have it set to Accept regardless of whether or not they have and SPF record

    I was quite confident in there not being any issue with the configuration but not being an exchange guru I wanted to make sure
  • SmallguySmallguy Member Posts: 597
    I'll admit my knowledge of exchange logs is probably not the best

    but could either of you explain to me exactly what is happening below


    2008-03-05 21:10:52 64.105.113.202 OutboundConnectionCommand SMTPSVC1 myserver - 25 RCPT - TO:<[email protected]> 0 0 4 0 1375 SMTP - - - -

    2008-03-05 21:10:52 64.105.113.202 OutboundConnectionResponse SMTPSVC1 myserver - 25 - - [email protected]+Address+Okay 0 0 39 0 1593 SMTP - - - -


    the other companies admin claims the above info proves my server is sending an email to there server to verify that [email protected] is an actual accont on the box

    but since Sender verification checks and SPF record and doesn't send and email what is occurring above?
  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    As I said, having it set to accept doesn't mean it'll definitely be accepted. It just means it's passed to the Intelligent Message Filter (IMF) which is the Content Filtering mechanism in 2007. That does some more checking and takes the Sender ID filtering into consideration for the final SCL value. If the SCL value is above your threshold, and depending on your configuration, it could be blocked.

    Has their domain been checked by a blacklist site? Get their sending server's IP address and go here:
    http://www.mxtoolbox.com/blacklists.aspx?AG=GBL&gclid=CMHZ2_XRzY8CFRsTawod7wtS9w

    DNStuff.com also has checks but it costs money.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    Do this for reading logs:
    http://www.msexchange.org/tutorials/Logging_the_SMTP_Service.html

    I do that every time I read logs. Makes it much easier to read.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • SmallguySmallguy Member Posts: 597
    I've have checked mxtoolbox.com and they are not blacklisted

    this issue is intermittent and when the emails fail their user receives

    Subject: RE: test

    Sent: 3/13/2008 7:03 AM



    The following recipient(s) could not be reached:



    [email protected] on 3/13/2008 7:01 AM

    You do not have permission to send to this recipient. For assistance, contact your system administrator.

    <charlie.theirdomain.net #5.7.1 smtp;550 5.7.1 Unable to relay for [email protected]>

    I checked the IMS filter on my exchange 2k3 box and it is set as follow

    Block messages with an SLC Rating greater than : 8

    when blocking messages: take no action



    [/img]
  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    That's a pretty high SCL rating anyways. The issue is intermittent as in it doesn't happen to often from domain to domain or is it intermittent with the same user to user?
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • undomielundomiel Member Posts: 2,818
    Is this in reference to this same issue? http://www.techexams.net/forums/viewtopic.php?t=32184

    I'll stand by what I had said earlier then. Their relay isn't setup properly or that user's Outlook is not setup for proper authentication.
    Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
  • SmallguySmallguy Member Posts: 597
    royal wrote:
    That's a pretty high SCL rating anyways. The issue is intermittent as in it doesn't happen to often from domain to domain or is it intermittent with the same user to user?

    That is a bit hard to answer because I have one user who seems to never say he get's complaints about their email going through but another who seems to have issues more often than not with them

    it seems when I'm notified of the issue and we try some tests that it will fail on my postmaster, personal account and admin accounts as well

    I guess it is fibroblast domain to domain when the issue occurs

    I have already whitelisted them in our spam software (GFI)
  • SmallguySmallguy Member Posts: 597
    undomiel wrote:
    Is this in reference to this same issue? http://www.techexams.net/forums/viewtopic.php?t=32184

    I'll stand by what I had said earlier then. Their relay isn't setup properly or that user's Outlook is not setup for proper authentication.

    Yes it is the exact same issue reffered to in that thread

    Their admin is just saying my server validation check must be failing intermittently and that is why mail mail flow works sometimes and other it does now
  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    Well tell them to make sure their sending server has a PTR record as well as an SPF record in public DNS. I would do the same on your side. Also, try setting the SMTP connectors to respond to EHLO via the public FQDN of what the PTR record maps to. So if the PTR maps to mail.domain.com which should be the ip address Exchange sends from, set the EHLO response to also be mail.domain.com.

    This will ensure both servers have a more optimal setup for internet validation.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • SmallguySmallguy Member Posts: 597
    royal wrote:
    Well tell them to make sure their sending server has a PTR record as well as an SPF record in public DNS. I would do the same on your side. Also, try setting the SMTP connectors to respond to EHLO via the public FQDN of what the PTR record maps to. So if the PTR maps to mail.domain.com which should be the ip address Exchange sends from, set the EHLO response to also be mail.domain.com.

    This will ensure both servers have a more optimal setup for internet validation.


    I'm not exactly sure what you mean with the connector if it is I should configure, he should configure or we both should

    I do not currently have an SPF record but that will be fixed ASAP

    I looked at their PTR records and they do not resolve like mine do

    they have 2 mx records say alpha.theirdomain.com and delta.theirdomain.com with ip 100.100.100.1 and 100.100.100.2 as examples

    but the the PTR's are not saying 100.100.100.1 resolves to alpha.theirdomain.com instead they resolve to www.mywebsite.com

    my records on the other hand with my PTR record 200.200.200.1 resolves to which is my mail exchanger record

    I 'm not sure if this info is helpful
  • blargoeblargoe Self-Described Huguenot NC, USAMember Posts: 4,174 ■■■■■■■■■□
    <charlie.theirdomain.net #5.7.1 smtp;550 5.7.1 Unable to relay for [email protected]>

    ^^
    It seems apparent that their server is refusing to relay the message to your email server. He has something messed up on his end and doesn't know how to fix it.
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    Smallguy wrote:
    [I looked at their PTR records and they do not resolve like mine do

    they have 2 mx records say alpha.theirdomain.com and delta.theirdomain.com with ip 100.100.100.1 and 100.100.100.2 as examples

    but the the PTR's are not saying 100.100.100.1 resolves to alpha.theirdomain.com instead they resolve to www.mywebsite.com

    my records on the other hand with my PTR record 200.200.200.1 resolves to which is my mail exchanger record

    I 'm not sure if this info is helpful

    They are probably hosting multiple services on the same server. Have you tried:

    nslookup
    set type=mx
    200.200.200.1

    And see what comes up?
    All things are possible, only believe.
  • SmallguySmallguy Member Posts: 597
    blargoe wrote:
    <charlie.theirdomain.net #5.7.1 smtp;550 5.7.1 Unable to relay for [email protected]>

    ^^
    It seems apparent that their server is refusing to relay the message to your email server. He has something messed up on his end and doesn't know how to fix it.

    Yes I've mentioned this to him several times but he just becomes externally defensive and states it works fine for everyone else so it must be my server
  • SmallguySmallguy Member Posts: 597
    sprkymrk wrote:
    Smallguy wrote:
    [I looked at their PTR records and they do not resolve like mine do

    they have 2 mx records say alpha.theirdomain.com and delta.theirdomain.com with ip 100.100.100.1 and 100.100.100.2 as examples

    but the the PTR's are not saying 100.100.100.1 resolves to alpha.theirdomain.com instead they resolve to www.mywebsite.com

    my records on the other hand with my PTR record 200.200.200.1 resolves to which is my mail exchanger record

    I 'm not sure if this info is helpful

    They are probably hosting multiple services on the same server. Have you tried:

    nslookup
    set type=mx
    200.200.200.1

    And see what comes up?

    yes you are right they are a consulting company and do host mail for multiple companies
Sign In or Register to comment.