Need to receive external email with same domain as internal? Exchange 2007

PorterComp

PorterComp

Member
Reaction score
9
Location
Mississippi
Ok Guys and Gals, Here's a tough one I've been chasing and can't seem to figure out.

We have an SBS 2008 server running Exchange 2007. Our internal domain is myserver.org

Situation: Incoming and outgoing email works fine except for the following. We have a government agency that uses it's website to notify users of requests, approvals etc via email. What they are doing is sending from their webmail.agency.gov email server emails from my end users user@myserver.org back to that user and other users within my domain. Sounds weird, but that's how they do it. It was working, now it's not and I can't figure out why.

In short, they are sending email from their server (webmail.agency.gov) from user@myserver.org to user@myserver.org and user2@myserver.org and the emails aren't coming in.

I have crawled the web trying to figure this one out and can't find a similar situation. I have tried adding a receive connector in exchange to accept emails from webmail.agency.org's IP address. Put it's IP address in the Antispam IP allow list, turned off the Sonicwall Firewall's security apps.

Any ideas?
 
Sounds like your using myserver.org as a relay?

Ah!! I misinterpreted what you were doing, you aren't acting as a relay.
 
Last edited:
Well the emails should be coming into myserver.org to it's users. But can it relay to itself? Unless Exchange is setup by default as a relay (which I doubt) I didn't set it up that way. Just doesn't make sense.
 
myserver.org
mail.myserver.org
remote.myserver.org
myserver.local

I initially only had myserver.local (true)and myserver.org as they were the defaults. I added the other two in an attempt to resolve the issue. They are all set as authoritative domains.
 
Last edited:
Under the same Orginization Config, Hub Transport, there's a tab for..I think it's still called hub transport, properties of which you can plug in IP's which the server will accept mails from without going through any filtering. Kinda relay like.
 
I don't see that. I see the Antispam tab that you can plug in the IP for IP Allowed list.
Under the Accepted Domains tab you don't have the option to put in an IP anywhere.

Now under Server config>hub trans>receive connectors tab there's an entry where you can put in IPs. I put the IP in there under the default server. We'll see if that works.

When I make these changes in order for it to go in effect, should I restart the MS Transport service?
 
PorterComp, I can't seem to check the DNS record for agency.org. Is this domain in the Intranet or Extranet. I don't see it on the Internet.

Assuming webmail.agency.org is on the internet somewhere, it will querry the DNS for the MX


1) Your front-end smtp "smartpop.myserver.org" is using Merak Mail Server (Not Exchange). I would start troubleshooting here. Check if its receving the email from webmail.agency.gov If no email continue with step 2. If your receiving email continue with step 5

2) Send an email manually (telnet port 25) form webmail.agency.gov to smartpop.myserver.org. if there's a problem, you will see the error when you try to manually connect.

3) If no error message and you where manually able to send a test message, then most likely the problem is at webmail.agency.gov.

4) I wont change any configuration on the Exchange server until you have verify the email are being rec'd my Merak Mail server from webmail.agency.org

5) Since your Incoming and out going is working, then I would look into exchange filters and policy. Something specific to webmail.agency,org


Good Luck
 
Last edited:
The domain is for the government agency isn't agency.gov, that was just a fake one for description purposes, the true domain is mdhs.ms.gov and their email is webmail.mdhs.ms.gov I don't know what type of email server they use. But I will find out. Keep in mind, we DO receive email from user@mdhs.ms.gov We only don't receive email from their web-based software application that sends mail back to our organization using our domain name...ie user@multi-county.org

So it's as if they are sending email to us FROM us from an outside source. So the email that webmail.mdhs.ms.gov is sending is from user@multi-county.org TO user@multi-county.org

My problem is I can't figure out how to tell my exchange 2007 server to accept this email. If it's even possible.
 
PorterComp said:
The domain is for the government agency isn't agency.gov, that was just a fake one for description purposes, the true domain is mdhs.ms.gov and their email is webmail.mdhs.ms.gov

My problem is I can't figure out how to tell my exchange 2007 server to accept this email. If it's even possible.
Click to expand...

It make a big difference having the actual domain name. The MX looks good
Check the filters as posted by others. Here is a step by step

Using Exchange Management COnsole
1) Select Edge transport
2) ON the right it would display the filter.
3) You need to check each filer. Highlight the first filter
4) On the bottom select the Anti-spam tab and check all settings espcially
Conneciton filtering and Sender Filtering.
5) If enable, right click and check propertise.
6) Switch to Provider tab where you will see the IP/DOmain name
Do step 5 and 6 for every settings
do Step 4 to 6 for every filter
 
I don't have the Edge Transport server setup. I would assume that's where the filters would be you're talking about?

I've looked elsewhere to try and find other filters, but no luck?
 
PorterComp said:
I don't have the Edge Transport server setup. I would assume that's where the filters would be you're talking about?
I've looked elsewhere to try and find other filters, but no luck?
Click to expand...

For Exchange 2007
Select Organization Configuration
Select Hub Transport
Select Anti-spam Tab

Also check Sever COnfiguration and Hun Transport.

But the first think you need to do is send a test email from webmail.mdhs.ms.gov. After the email has been send wait 10 - 15 minutes, then review the log. Filter the email for the last 30 minutes

1) Did you get a connection from webmail.mdhs.ms.gov. If not send another test email and wait another 15 minutes. After 30 mins or so, and still no connection log, then the problem is not on your exchange box.

2) If you get connected then the problem is 99% on your side.

3) Check what happen to the email. Possible block by connection. If so check blacklist option. Block buy Anti-spam then check anti-spam settings.

Chances are its block by Anti-spam because email form the same domain is sometime consider spam. Your situation is not unique. To avoid being spam, webmaster will create an email form and use the recipient email as the sender. With this method, if a hacker fill the form, the hacker will be phizing for his/her own email address.
 
Have added to the IP allow list in the antispam tab (yesterday). Will monitor the logs today and try what you suggested.

Thanks for all your help, I will keep ya'll updated.
 
It actually sounds to me like the Agency is using their servers as a relay, which tends not to be secure and likely isn't going to work ... also, most spam catchers will probably catch something with a header that doesn't match the supposed address the email came from. That could be it...
 
Didn't have a chance to work this issue today, will do next week and keep ya'll posted. Parker, you could be right. I'll ask the agency if their server is doing that.
 
You must log in or register to reply here.

Similar threads

J
Outlook continually sends emails from one address to Junk Email
Replies
4
Views
533
callthatgirl
callthatgirl
H
[SOLVED] Move email from Thunderbird to Outlook
Replies
14
Views
1K
Haole Boy
H
C
Huge Exchange account, need to archive or switch service, best way to be sure all emails downloaded
Replies
13
Views
1K
YeOldeStonecat
YeOldeStonecat
HCHTech
Managing Unifi equipment
Replies
12
Views
2K
Sky-Knight
Sky-Knight
onsitetechsri
Internal domain users can't connect to external website
Replies
11
Views
2K
YeOldeStonecat
YeOldeStonecat
Back
Top