I need some help to understand some behaviour in our Exchange 2016 environment which is confusing us all, so I will set the scene.
- We have 4 Exchange servers all running on Server 2016
- We use these Exchange servers for SMTP relay and management only, as we have Remote Mailboxes configured for Exchange Online (we have NO mailboxes on these Exchange servers)
- 2 of the Exchange Servers are in subnet A, consider these the original servers
- 2 of the Exchange Servers are in subnet B, these are new servers added
- The 2 servers in subnet A have their own load balancer config on our Kemp for SMTP relay, using a VIP with round robin
- The 2 servers in subnet B have their own load balancer config on our Kemp for SMTP relay, using a VIP with round robin
We are a group company that purchases other businesses, and we grow through acquisition. We had a flat MPLS before, but now we are using VRF technology to segregate each business into its own VRF (MPLS). We are in the process of selling one of the companies, and the two original Exchange servers are in its MPLS, in subnet A. We created 2 new servers in subnet B (which is a subnet for shared services which all the other businesses can use), as subnet A will be decommissioned soon enough, when we cut off the business we are selling. So we created 2 new servers in preparation for that.
Servers 3 & 4 are set up with Receive Connectors for the remaining companies. They each have their own receive connector, with their own IPs added to the scope for permission to use the relay, but they use a DNS name which points to the VIP for servers 3 & 4.
Company A relays to the VIP for servers 3 & 4; the VIP hands the email over to, let's say, server 3, and server 3 then hands the email over to server 1 or 2 in subnet A, which then delivers the email to the end user. Servers 3 & 4 NEVER release the email to the end user; it is always handed off to either server 1 or 2.
I have also just checked, and even when I send an email directly to server 3 or 4 using Send-MailMessage, it still hands it over to server 1 or 2.
Why is this happening?
We also see no message tracking logs being populated on either server 3 or 4; I have an open case with Microsoft about this. Now, when I specify either server 3 or 4 directly as my SMTP server, I get errors saying "Mailbox unavailable. The server response was: 5.7.60 SMTP; Client does not have permissions to send as this sender". This works when I run as a different user with more privileges, but I am using anonymous relay connectors?
It's very confusing, and I can add more info if needed. But I need servers 3 & 4 to release emails and stop handing them off to the other servers when we use the VIP.
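The things this post asks about (which send connector servers 3 & 4 route through, what the relay receive connectors actually grant to anonymous, and whether message tracking is even on) can be pulled in one pass from the Exchange Management Shell. This is an added diagnostic script, not from the original post; the server names EX03/EX04 and the test subject 'relay-test' are placeholders, and it assumes the Exchange Management Shell on a machine with the tools installed.

```powershell
# Added example, not from the original post. Placeholder names for the two new servers.
$newServers = 'EX03', 'EX04'

# 1. Send connectors: SourceTransportServers decides which servers may deliver on a
#    connector. If only the old servers are listed, mail submitted on EX03/EX04 must hop
#    to them first. Also shows whether delivery is via smart host or DNS routing.
Get-SendConnector | Select-Object Name, Enabled, AddressSpaces, SmartHosts, DNSRoutingEnabled,
    @{n = 'SourceTransportServers'; e = { ($_.SourceTransportServers | ForEach-Object Name) -join ',' }}

# 2. Receive connectors on the new servers: bindings, allowed remote IP scope and
#    permission groups (relay connectors should be scoped to the relaying hosts only).
foreach ($srv in $newServers) {
    Get-ReceiveConnector -Server $srv |
        Select-Object Identity, Bindings, RemoteIPRanges, PermissionGroups, AuthMechanism
}

# 3. What "anonymous relay" really grants. Submitting with an arbitrary MAIL FROM as
#    anonymous needs the ms-Exch-SMTP-Accept-Any-Sender extended right (and
#    ms-Exch-SMTP-Accept-Any-Recipient to relay to external recipients); an authenticated
#    user with more rights will succeed where anonymous gets 5.7.60.
foreach ($srv in $newServers) {
    Get-ReceiveConnector -Server $srv |
        Get-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' |
        Where-Object { $_.ExtendedRights -match 'ms-Exch-SMTP-Accept-Any' } |
        Select-Object Identity, ExtendedRights
}

# 4. Is message tracking enabled on the new servers at all, and where does it write?
foreach ($srv in $newServers) {
    Get-TransportService -Identity $srv |
        Select-Object Name, MessageTrackingLogEnabled, MessageTrackingLogPath
}

# 5. Follow one test message across all four servers to see every hop and connector used.
Get-TransportService |
    Get-MessageTrackingLog -MessageSubject 'relay-test' -Start (Get-Date).AddHours(-1) |
    Sort-Object Timestamp |
    Select-Object Timestamp, ServerHostname, EventId, Source, ConnectorId, ClientHostname, ServerIp, Recipients
```

Send a message with the subject 'relay-test' directly to EX03 first so that step 5 has something to follow.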