Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 34
  1. #21
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    6,875

    Default

    Changing the domain on an Exchange Server which is also a Domain Controller is not a simple task. There are several settings to modify including re-adding computers to the DC server.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  2. #22
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    22,429

    Default

    The default receive connector should be anonymous only. No Outlook clients use SMTP to transmit. If you need another connector, you can make one, it can even operate on TCP 25, and that one can require authentication, or be IP limited or whatever. But your default connector exists solely for public use.

    There is no need to change your AD domain. But you do need at least two receive connectors.

    When you ran the test earlier the second line that says this: 250-mail1.sanketindia.in Hello [34.224.65.83]

    That's your SMTP banner, and that's what you want to see. The reverse DNS not matching isn't a huge deal, and very common.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #23
    Untangler
    Join Date
    Jan 2016
    Posts
    48

    Default

    Yeah, correct. There are two receive connectors.

    Default FrontEnd MAIL1 (port25) - i did change FQDN to real and disable Exchange Authentication - now works well with HELO

    Default MAIL1 (port 2525) - Exchange Authentication kept on and FQDN was set to mail1.sanket.local

    all sounds good now in terms of exchange server.

    However it again got black listed. But i think i shall wait another 24 hrs.
    Spamhaus reported Time when we were making changes. So keeping finger cross for next 24 hrs.

    Hopefully now it does blacklist again.
    Last edited by sanketgroup; 07-12-2018 at 12:00 AM.

  4. #24
    Untangler
    Join Date
    Jan 2016
    Posts
    48

    Default

    sadly it is still being blocked.
    Now what it could be?

  5. #25
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    6,875

    Default

    Quote Originally Posted by sanketgroup View Post
    sadly it is still being blocked.
    Now what it could be?
    It might be better to post the question on a Microsoft Exchange forum since therein lies the problem.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  6. #26
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    22,429

    Default

    You also need to read the errors they're sending you, because I see an SMTP connector that responds perfectly here.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #27
    Untangler
    Join Date
    Jan 2016
    Posts
    48

    Default

    They are not sending any other errors.
    If you see https://www.abuseat.org/lookup.cgi with IP 202.129.240.180, you will see there is no much information.
    I sent them email for support but they sent same copy pasted message.

    To clear doubt about Exchange server, today i entirely took the Exchange server Off.
    From 12.01 am to 8.00 am i shut down the exchange server still spamhaus CBL blacklisted my ip again at 1.05am (+/- 5 min)

    1. I did shut off Exchange server entirely
    2. Port 25 is totally blocked on untangle
    3. Spamhaus/CBL not providing any more details

    This is nightmare for me. Now even they have barred me from removing my ip from blacklist.
    It says too many removal in last one week, so cannot remove now.
    I cannot send emails now.
    Pls pls help.

    Also created Support ticket with untangle: Untangle Support (#125674)

  8. #28
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    22,429

    Default

    As has been stated before, this isn't an Untangle issue.

    https://mxtoolbox.com/problem/blacklist/cbl

    If you're on the CBL it's because you're sending viruses. You're going to have to figure that out, and I don't know what you expect Untangle to do about it. We've already highlighted several issues in this thread wherein your Exchange was flat misconfigured. At this point you've probably got a compromised system somewhere. Where is it? That's the question. We have no idea, Untangle has no idea.

    To make matters worse, the CBL isn't necessarily stuff working on TCP 25. You could have a workstation logging into O365 and transmitting junk via TCP 443 and end up on that.

    So, if you have another IP address I suggest you configure your mail server to use that, and kick your DNS records over and see if the black list moves. Take care to not move any other system to the new address. At least then you can figure out if it's another system NAT'ing through, or Exchange itself.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  9. #29
    Untangler
    Join Date
    Jan 2016
    Posts
    48

    Default

    looking for help from untangle because this act has network filter, firewall, UTM and untangle support can see the things in logs.

    You and jcoffin providing very good support but now we are at dead end!

    i am having hope that if support can see my untangle remotely and give some inputs where it is going wrong

  10. #30
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    22,429

    Default

    At this point the only thing I can suggest is to get into your Spam Blocker and enable the Scan Outbound SMTP feature.

    But again, that isn't necessarily how you're getting flagged. If you have anything else using that IP address going to the world, all of that is a potential problem.

    So If you have more IP addresses, I highly recommend you use them. Get that IP down to just your Exchange server, so you can start narrowing the problem. If they keep flagging you it's because you're hitting the sensor that frequently. So this isn't a little thing, it's a constant thing.

    It's also possible you have one or more compromised accounts, transmitting problem mail. You're also getting hung up on the 1am time, the time has nothing to do with it. It's just when the lists update.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Page 3 of 4 FirstFirst 1234 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2