+ Reply to Thread
Results 1 to 22 of 22
  1. Senior Member
    Join Date
    Sep 2005
    Posts
    598

    Certifications
    A+ Network+ MCP, MCSA
    #1

    Default Server's email address ??

    Hi can anyone help me with finding the servers email address in exchange 2k3

    reason I'm' asking is I have an admin from another company telling me he needs to white list our server's email address not our domain.

    he wants to know what email address is used for sender verifacation
    Reply With Quote Quote  

  2. SS -->
  3. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #2
    Check the headers of one of the emails you send to yourself, it should have a "received from" followed by a name and the ip address of your server. maybe that's what he wants? It should just be servername@domain.com or something though.
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Sep 2005
    Posts
    598

    Certifications
    A+ Network+ MCP, MCSA
    #3
    Quote Originally Posted by sprkymrk
    Check the headers of one of the emails you send to yourself, it should have a "received from" followed by a name and the ip address of your server. maybe that's what he wants? It should just be servername@domain.com or something though.
    thank you

    I posted another thread

    http://techexams.net/forums/viewtopic.php?t=32439


    this is why he wants the information

    and this is exactly what he asked for incase there is a misunderstanding between us

    "in regards to sender verification

    Many servers do this as an effort to avoid spam, making sure we can actually mail back to the sender. It has a nice little name for it, but I call it sender verification.

    The question that I originally asked you was what is the email address the abcmail uses to verify and you never answered it. For example, userA@publiclaw.com sends a message to userB@mydomain.com. I seriously doubt that abcmail says HELO "I'm userB@mydomain.com trying to RCPT to userA@theirdomain.com”. Most likely it is something like postmaster@blahblahblah.com or administrator@blahblahblah.com. What is the email address that abcmail uses to perform sender verification???? To be perfectly honest, it's most likely not administrator@mydomain.com because if it was, our server will approve it and thus your server would not fail sender verification. It's probably something like administrator@abcmail.com or whatever which we do not have listed as an approved address and therefore your attempt to verify sender is failing with us and subsequently failing at abcmail and ultimately not being delivered to userB@mydomain.com. Follow??? This would explain why mydomain.com can always send to us, but we cannot (from time to time) send to mydomain.com. Your verification process is failing on our end because we don't know from what email address abcmail is attempting to verify messages we send."



    any idea???
    Reply With Quote Quote  

  5. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #4
    As far as I know, sender verification is commonly done as a bounce message. If his server is rejecting bounce messages, that's his problem, not yours.
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Sep 2005
    Posts
    598

    Certifications
    A+ Network+ MCP, MCSA
    #5
    Quote Originally Posted by sprkymrk
    As far as I know, sender verification is commonly done as a bounce message. If his server is rejecting bounce messages, that's his problem, not yours.
    I do agree with you there

    problem is he is becoming increasingly more frustrating to deal with and pretty unprofessional

    I am going to suggest that he white list my mx record IP

    it is my understanding that if he does this any email coming from my mail exchanger will be accepted regardless of what email address it is coming from

    this should resolve this issue if it is what he is claiming
    Reply With Quote Quote  

  7. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #6
    Are you running an Exchange server? You can check here to see if you are using Sender Verification:

    To specify Sender ID filtering options:

    Start System Manager
    Double-click Global Settings.
    Right-click Message Delivery, and then click Properties.
    Click the Sender ID Filtering tab.

    You can tell it to "Accept" even if verification fails, then see if that clears up your problem.
    Reply With Quote Quote  

  8. New Member royal's Avatar
    Join Date
    Jul 2006
    Location
    Chicago, IL
    Posts
    3,373
    #7
    Sender ID filtering doesn't use an e-mail address for a server for verification. It uses an SPF record within the sending server's DNS to verify that the sending server is in the SPF record which is a list of allowed SMTP Sending servers for that domain. If you have Sender ID filtering turned on, and the sending domain doesn't have an SPF record with their sending server, it'll increase the SCL value of the sending message and it can block the message depending on configuration.

    So for example, if you have Sender ID filtering turned on, the other org sends mail, you have it set to reject mail from servers that don't have SPF, it'll reject their e-mail. Tell that organization to create an SPF record or turn off your sender id filtering or keep sender id on but tell it to accept messages so when the message hits IMF, IMF will take the Sender ID failure into consideration when adjusting SCL for acceptance/rejection.
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    Sep 2005
    Posts
    598

    Certifications
    A+ Network+ MCP, MCSA
    #8
    Thanks guys

    I have it set to Accept regardless of whether or not they have and SPF record

    I was quite confident in there not being any issue with the configuration but not being an exchange guru I wanted to make sure
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Sep 2005
    Posts
    598

    Certifications
    A+ Network+ MCP, MCSA
    #9
    I'll admit my knowledge of exchange logs is probably not the best

    but could either of you explain to me exactly what is happening below


    2008-03-05 21:10:52 64.105.113.202 OutboundConnectionCommand SMTPSVC1 myserver - 25 RCPT - TO:<user3@theirdomain.com> 0 0 4 0 1375 SMTP - - - -

    2008-03-05 21:10:52 64.105.113.202 OutboundConnectionResponse SMTPSVC1 myserver - 25 - - 250+user3@theirdomain.com+Address+Okay 0 0 39 0 1593 SMTP - - - -


    the other companies admin claims the above info proves my server is sending an email to there server to verify that user3@theridomain.com is an actual accont on the box

    but since Sender verification checks and SPF record and doesn't send and email what is occurring above?
    Reply With Quote Quote  

  11. New Member royal's Avatar
    Join Date
    Jul 2006
    Location
    Chicago, IL
    Posts
    3,373
    #10
    As I said, having it set to accept doesn't mean it'll definitely be accepted. It just means it's passed to the Intelligent Message Filter (IMF) which is the Content Filtering mechanism in 2007. That does some more checking and takes the Sender ID filtering into consideration for the final SCL value. If the SCL value is above your threshold, and depending on your configuration, it could be blocked.

    Has their domain been checked by a blacklist site? Get their sending server's IP address and go here:
    http://www.mxtoolbox.com/blacklists....FRsTawod7wtS9w

    DNStuff.com also has checks but it costs money.
    Reply With Quote Quote  

  12. New Member royal's Avatar
    Join Date
    Jul 2006
    Location
    Chicago, IL
    Posts
    3,373
    #11
    Do this for reading logs:
    http://www.msexchange.org/tutorials/...P_Service.html

    I do that every time I read logs. Makes it much easier to read.
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Sep 2005
    Posts
    598

    Certifications
    A+ Network+ MCP, MCSA
    #12
    I've have checked mxtoolbox.com and they are not blacklisted

    this issue is intermittent and when the emails fail their user receives

    Subject: RE: test

    Sent: 3/13/2008 7:03 AM



    The following recipient(s) could not be reached:



    admin@mydomain.com on 3/13/2008 7:01 AM

    You do not have permission to send to this recipient. For assistance, contact your system administrator.

    <charlie.theirdomain.net #5.7.1 smtp;550 5.7.1 Unable to relay for admin@mydomain.com>

    I checked the IMS filter on my exchange 2k3 box and it is set as follow

    Block messages with an SLC Rating greater than : 8

    when blocking messages: take no action



    [/img]
    Reply With Quote Quote  

  14. New Member royal's Avatar
    Join Date
    Jul 2006
    Location
    Chicago, IL
    Posts
    3,373
    #13
    That's a pretty high SCL rating anyways. The issue is intermittent as in it doesn't happen to often from domain to domain or is it intermittent with the same user to user?
    Reply With Quote Quote  

  15. Virtual Member undomiel's Avatar
    Join Date
    Sep 2007
    Location
    Bellevue, WA
    Posts
    2,813

    Certifications
    MCSA:2008, VCP4/5, CCA (XS), MCITP: EA/VA, MCSE, MCSA, Linux+, Security+, Server+, A+
    #14
    Is this in reference to this same issue? http://www.techexams.net/forums/viewtopic.php?t=32184

    I'll stand by what I had said earlier then. Their relay isn't setup properly or that user's Outlook is not setup for proper authentication.
    Reply With Quote Quote  

  16. Senior Member
    Join Date
    Sep 2005
    Posts
    598

    Certifications
    A+ Network+ MCP, MCSA
    #15
    Quote Originally Posted by royal
    That's a pretty high SCL rating anyways. The issue is intermittent as in it doesn't happen to often from domain to domain or is it intermittent with the same user to user?
    That is a bit hard to answer because I have one user who seems to never say he get's complaints about their email going through but another who seems to have issues more often than not with them

    it seems when I'm notified of the issue and we try some tests that it will fail on my postmaster, personal account and admin accounts as well

    I guess it is fibroblast domain to domain when the issue occurs

    I have already whitelisted them in our spam software (GFI)
    Reply With Quote Quote  

  17. Senior Member
    Join Date
    Sep 2005
    Posts
    598

    Certifications
    A+ Network+ MCP, MCSA
    #16
    Quote Originally Posted by undomiel
    Is this in reference to this same issue? http://www.techexams.net/forums/viewtopic.php?t=32184

    I'll stand by what I had said earlier then. Their relay isn't setup properly or that user's Outlook is not setup for proper authentication.
    Yes it is the exact same issue reffered to in that thread

    Their admin is just saying my server validation check must be failing intermittently and that is why mail mail flow works sometimes and other it does now
    Reply With Quote Quote  

  18. New Member royal's Avatar
    Join Date
    Jul 2006
    Location
    Chicago, IL
    Posts
    3,373
    #17
    Well tell them to make sure their sending server has a PTR record as well as an SPF record in public DNS. I would do the same on your side. Also, try setting the SMTP connectors to respond to EHLO via the public FQDN of what the PTR record maps to. So if the PTR maps to mail.domain.com which should be the ip address Exchange sends from, set the EHLO response to also be mail.domain.com.

    This will ensure both servers have a more optimal setup for internet validation.
    Reply With Quote Quote  

  19. Senior Member
    Join Date
    Sep 2005
    Posts
    598

    Certifications
    A+ Network+ MCP, MCSA
    #18
    Quote Originally Posted by royal
    Well tell them to make sure their sending server has a PTR record as well as an SPF record in public DNS. I would do the same on your side. Also, try setting the SMTP connectors to respond to EHLO via the public FQDN of what the PTR record maps to. So if the PTR maps to mail.domain.com which should be the ip address Exchange sends from, set the EHLO response to also be mail.domain.com.

    This will ensure both servers have a more optimal setup for internet validation.

    I'm not exactly sure what you mean with the connector if it is I should configure, he should configure or we both should

    I do not currently have an SPF record but that will be fixed ASAP

    I looked at their PTR records and they do not resolve like mine do

    they have 2 mx records say alpha.theirdomain.com and delta.theirdomain.com with ip 100.100.100.1 and 100.100.100.2 as examples

    but the the PTR's are not saying 100.100.100.1 resolves to alpha.theirdomain.com instead they resolve to www.mywebsite.com

    my records on the other hand with my PTR record 200.200.200.1 resolves to which is my mail exchanger record

    I 'm not sure if this info is helpful
    Reply With Quote Quote  

  20. Self-Described Huguenot blargoe's Avatar
    Join Date
    Nov 2005
    Location
    NC
    Posts
    4,099

    Certifications
    VCAP5-DCA; VCP 3/4/5/6 (DCV); EMCSA:CLARiiON; Linux+; MCSE:M 2000/2003; MCSE:S 2000/2003; MCTS:Exch2007; Security+; A+; CCNA (expired)
    #19
    <charlie.theirdomain.net #5.7.1 smtp;550 5.7.1 Unable to relay for admin@mydomain.com>

    ^^
    It seems apparent that their server is refusing to relay the message to your email server. He has something messed up on his end and doesn't know how to fix it.
    IT guy since 12/00

    Recent: 10/27/2017 - Passed Microsoft 70-410 (one exam left for MCSA 2012)
    Working on: MCSA 2012 upgrade from 2003 (to heck with 2008!!), MCSA 2016 upgrade, more Linux
    Thinking about: VCP6-CMA, AWS Solution Architect (Associate), Python, VCAP6-DCD (for completing VCIX)
    Reply With Quote Quote  

  21. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #20
    Quote Originally Posted by Smallguy
    [I looked at their PTR records and they do not resolve like mine do

    they have 2 mx records say alpha.theirdomain.com and delta.theirdomain.com with ip 100.100.100.1 and 100.100.100.2 as examples

    but the the PTR's are not saying 100.100.100.1 resolves to alpha.theirdomain.com instead they resolve to www.mywebsite.com

    my records on the other hand with my PTR record 200.200.200.1 resolves to which is my mail exchanger record

    I 'm not sure if this info is helpful
    They are probably hosting multiple services on the same server. Have you tried:

    nslookup
    set type=mx
    200.200.200.1

    And see what comes up?
    Reply With Quote Quote  

  22. Senior Member
    Join Date
    Sep 2005
    Posts
    598

    Certifications
    A+ Network+ MCP, MCSA
    #21
    Quote Originally Posted by blargoe
    <charlie.theirdomain.net #5.7.1 smtp;550 5.7.1 Unable to relay for admin@mydomain.com>

    ^^
    It seems apparent that their server is refusing to relay the message to your email server. He has something messed up on his end and doesn't know how to fix it.
    Yes I've mentioned this to him several times but he just becomes externally defensive and states it works fine for everyone else so it must be my server
    Reply With Quote Quote  

  23. Senior Member
    Join Date
    Sep 2005
    Posts
    598

    Certifications
    A+ Network+ MCP, MCSA
    #22
    Quote Originally Posted by sprkymrk
    Quote Originally Posted by Smallguy
    [I looked at their PTR records and they do not resolve like mine do

    they have 2 mx records say alpha.theirdomain.com and delta.theirdomain.com with ip 100.100.100.1 and 100.100.100.2 as examples

    but the the PTR's are not saying 100.100.100.1 resolves to alpha.theirdomain.com instead they resolve to www.mywebsite.com

    my records on the other hand with my PTR record 200.200.200.1 resolves to which is my mail exchanger record

    I 'm not sure if this info is helpful
    They are probably hosting multiple services on the same server. Have you tried:

    nslookup
    set type=mx
    200.200.200.1

    And see what comes up?
    yes you are right they are a consulting company and do host mail for multiple companies
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks