Exchange 2007 Message Header includes Private IP
Good morning, i am sending messages from our new E2K server and noticing that the message headers include the mail server's internal information rather than the external info. Is this going to cause me trouble when it comes to overly tight Spam filters? here is an example of the message header: Received: from mail.ourdomain.com ([EXTERNAL IP]) by mail.rocksolidhq.com (Rock Solid Computer Services' Mail Server ) with SMTP id DGK14044 for <me@a-different-domain.com>; Mon, 24 Sep 2007 19:38:44 -0400Received: from server.ourdomain.internal ([192.168.0.5]) byserver.ourdomain.internal ([192.168.0.5]) with mapi; on, 24 Sep 200719:38:42 -0400 thanks, dean
September 25th, 2007 3:00am

Hi, I have the same problem... Please tell me what is happening when you send an e-mail to yahoo or hotmail account... I can send to any server but not to yahoo or hotmail... they are accepting as spam... and please tell me if you have a solution.. Thanks...
Free Windows Admin Tool Kit Click here and download it now
September 25th, 2007 4:15pm

From the below article:"...Some people consider exposing your internal host names and IP addresses through the SMTP header to be a security risk. After all, why give a hacker any more information about your network than you absolutely must? So, Anthony, if you're concerned about the IP addresses and host names of your SMTP and Exchange hosts, you must look to a third-party product for help. The Cisco PIX firewall's SMTP fix-up feature can rewrite SMTP headers, as can Clearswift's MailSweeper. You'd have your SMTP Connector server forward all internal mail through a gateway or firewall to cause the headers to be rewritten..." http://www.ftponline.com/wss/2003_05/magazine/columns/askpros/
September 25th, 2007 9:39pm

Hey Mike, Thanks. That's interesting. We have a Cisco ASA 5505 in place and i just disabled the SMTPfixup on it because it was causing my 220 line to be rewritten as a bunch of asterisks. Although this is good because it hides details of the server, it was causing problems with some of the SPAM filters out there as they were trying to confirm the authenticity of the sending server. i will chase this down with Cisco to get their feedback but i am still left wondering if the format of my headers is going to give me grief as it still contains the server's internal IP address. i am less concerned about hiding the internal IP than i am about our outbound mail getting bounced back. The header's first line does include the external IP but is this the line that the SPAM filters use to determine the source server? thanks again, dean
Free Windows Admin Tool Kit Click here and download it now
September 26th, 2007 1:17pm

I'm not sure. I would imagine all is fair in love, war and spam filtering!
September 26th, 2007 6:17pm

It turns out that you can do this easily with built-in Exchange 2007 controls:Remove-ADPermission cdmlet. Read more from Jeff Guillet herehttp://www.expta.com/2008/06/using-exchange-2007-header-firewall.html
Free Windows Admin Tool Kit Click here and download it now
January 3rd, 2009 11:04am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics