Dienstag, 31. Mai 2011

Exchange 2010 Server and x-originating-ip Header

Today I ran into a very strange problem. I'm running an Exchange Server 2010 SP1 and an Exchange Server 2007. The Exchange Server 2007 is inside our company's network, protected by a SecurePoint Firewall. The SecurePoint Firewall is having Greylisting enabled, so sendmail is filtering all the mails flowing to the E2K7. Whenever I sent an email from the 2010 SP1 (outside the firewall) to the Exchange Server 2007 (behind the firewall), it was returned with the error message

554 5.7.1 Command rejected

after the SMTP "DATA" command was sent.

The firewall itself just logged this less helpful information:

Milter: data, reject 554 5.7.1 Command rejected

After doing some research by activating Verbose Logging of the Send Connector, by using Wireshark, and by sending a message manually to the firewall by using Telnet (which worked), I found out that the problem is caused by the "x-originating-ip" header. This header is added since Exchange Server 2010 SP1 and, for some reason, the SecurePoint Firewall, the Mailfilter or whatever is not able to handle it. When inspecting a mail, you will find the header like:

X-MS-TNEF-Correlator: x-originating-ip: [xxx.xxx.xxx.xxx] Content-Type: multipart/alternative;

Here's how to disable adding the header (or, to be more precise, how to remove it):

  1. Open the Exchange Management Console
  2. Open "Transport Rules" under "Organization Configuration" -> "Hub Transport"
  3. Add a new Transport Rule and give it a name (such as "Remove x-originating-ip header")
  4. Do not choose any condition (we want to apply the rule to all mails)
  5. Choose "Remove header", and modify the action to match the "x-originating-ip" header
  6. Do not choose any exception (except you want to, of course)
  7. Apply the new rule.

Keine Kommentare:

Kommentar veröffentlichen

Dieses Blog durchsuchen