Advanced Exchange/Firewall Issue.

Discussion in 'PC Help Desk' started by David, Jul 22, 2005.

  1. David

    David Well-Known Member

    OK this is more than an everyday computer q? This is for the Corporate IT wonks.

    I have an Exchange Setup behind a Pix Firewall. We are doing NAT on the Firewall. The Global outside address is advertising in the mail headers, not the Mail server itself. This has gotten us blacklisted by some mail servers. Any idea how to let the mail server address pass without the firewall stripping it?
     
  2. appcomm

    appcomm Well-Known Member

    I don't think you have a choice on that one. The globally visible IP is going to be stamped in the header, rather than the NAT address assigned to the machine actually sending the messages. Have you got a reverse DNS entry for your MX record that points back to a domain name rather than an IP? Doing that will usually calm down some of the black list triggers you are setting off.
     
  3. Anonymous

    Anonymous Well-Known Member

    Is the exchange box in the DMZ??
     
  4. Anonymous

    Anonymous Well-Known Member

    How did you list your SOA and zones????
     
  5. ddrdan

    ddrdan Well-Known Member

    You should really determine which blacklist services have your domain listed and email or call them to find out "why" and then get cleared from the list. Even if you fix it, you're still listed for rejection.

    Quotes from responses I got on my Experts Exchange:
    _____________________________________________________
    This is how it should be done. Using a public IP address is OK. The problem is probably due to inconsistency between the IP PTR record, SMTP HELO record, and sender's domain name.

    The public IP address's PTR must match the server's host name (Example: mail.mycompany.com). The HELO (or server name) must match this entry. The sender's email address domain should be @mycompany.com. Also, the public IP address must match one of the MX records.

    Publishing an SPF record in your domain zone will help bypass some antispam checks. Are you sure that your ISP's IP address block is not listed in an RBL? This is the first thing to verify. There are many reasons why your email may be rejected.

    ______________________________________________
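
The consistency checks listed in the quoted reply above (PTR against HELO, public IP against the MX hosts, SPF published), as an added example that is not part of any post in this thread. The zone data, the 203.0.113.x addresses and every host name other than mail.mycompany.com are constructed, and SPF evaluation is limited to the `ip4` and `mx` mechanisms.

```python
import ipaddress

def norm(name):
    """Compare DNS names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()

def spf_covers(spf, ip, mx_ips):
    """Narrow SPF check: only the ip4: and mx mechanisms are evaluated."""
    for term in spf.split()[1:]:
        term = term.lstrip("+")
        if term == "mx" and ip in mx_ips:
            return True
        if term.startswith("ip4:"):
            net = ipaddress.ip_network(term[4:], strict=False)
            if ipaddress.ip_address(ip) in net:
                return True
    return False

def check_mail_identity(public_ip, helo, sender_domain, zone):
    """Return a list of findings; an empty list means the identities agree."""
    findings = []
    ptr = norm(zone["PTR"].get(public_ip, ""))
    if not ptr:
        findings.append(f"no PTR record for {public_ip}")
    elif ptr != norm(helo):
        findings.append(f"PTR {ptr} does not match HELO {norm(helo)}")
    # Every address reachable through the sender domain's MX hosts.
    mx_ips = {ip for host in zone["MX"].get(sender_domain, [])
              for ip in zone["A"].get(norm(host), [])}
    if public_ip not in mx_ips:
        findings.append(f"{public_ip} is not the address of any MX host")
    spf = [t for t in zone["TXT"].get(sender_domain, []) if t.startswith("v=spf1")]
    if not spf:
        findings.append("no SPF record published")
    elif not spf_covers(spf[0], public_ip, mx_ips):
        findings.append(f"SPF does not authorise {public_ip}")
    return findings

# Constructed zone: mail leaves through the NAT address, which nothing in DNS names.
BEFORE = {"PTR": {"203.0.113.10": "nat-10.isp.example."},
          "A": {"mail.mycompany.com": ["203.0.113.25"]},
          "MX": {"mycompany.com": ["mail.mycompany.com."]},
          "TXT": {"mycompany.com": []}}
# Constructed zone: the outbound address has its own name, MX entry, PTR and SPF.
AFTER = {"PTR": {"203.0.113.10": "mail2.mycompany.com."},
         "A": {"mail.mycompany.com": ["203.0.113.25"],
               "mail2.mycompany.com": ["203.0.113.10"]},
         "MX": {"mycompany.com": ["mail.mycompany.com.", "mail2.mycompany.com."]},
         "TXT": {"mycompany.com": ["v=spf1 mx -all"]}}
```
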
     
  6. David

    David Well-Known Member

    I figured it out, and created another mail record for my front end server and all is good.
     
