Wrong Mailbox Server IP Showing up in Email Message Headers.

  • Article

So I recently ran into an issue where a customer was seeing emails getting stuck in the spam filter. When looking in the message header he noticed that the IP address for the mailbox server was incorrect, he thought this was causing emails to be caught in the SPAM filter and wanted to correct this behavior.

Message Header Example:

Received:
from smtp6.exch.edu (HELO exchange.exch.edu)
([146.165.254.43]) by esmtp03.exch.edu with ESMTP/TLS/AES128-SHA;
11 Aug 2013 21:54:01 -0400
Received:from MBX04.ad.exch.edu ([169.254.1.73]) by
hub06.ad.exch.edu ([146.165.254.89]) with mapi id 14.03.0235.001;

So their static IP was in the 146 group, but when looking at this header we see a 169 address, this is always the assigned IP of the virtual cluster network adapter.  You can see this when running ipconfig (ipconfig /all will give you a description to better identify the adapter).  You can tell which LAC is from the cluster because it will have an asterisk next to it. 

 

So there are a few ways I found that you can correct this behavior.  The first one I found was using a tool call nvspbind, this is a command line tool that will allow you to manually reconfigure the binding order on the local server. You can download nvspbind here.

Using this tool is quite simple, you just download it and navigate to it via an administrative command prompt.  You can check the binding order by running “nvspbind /o ms_tcpip”.

As you can see Local Area Connection* 11 is at the top of the binding order, so how do we change this? All you have to do is push the connection down the binding order by running one command: nvspbind /-- “local area connection* 11” ms_tcpip.  In the picture below you can see how it was pushed to the bottom after using two hyphens after the forward slash.  If I were to only use one hyphen it would have only moved it down one spot. 

So since nvspbind was designed to be used in a Hyper-V environment I’ve had customers have issues using this with other virtual software platforms. In these types of scenarios we have two other options that I have found be effective:  The first is to change in the registry, you can find the binding order here (whenever making changes to the registry it is always a good idea to do a system state backup prior): HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Linkage: Bind  (second option covered later in the article)

 

Now to make sure you’re moving the right NIC you can check ipconfig, this should have the NIC’s in their current order, so if the 3rd one is your Cluster network adapter than move it from the 3rd position to the 1st in the registry.  After making any changes to the binding order I recommend on rebooting the server so the changes take effect.

If you have a case where none of these work like the case I had, than the last option we have is to modify the local host file on the server to point the server name at the static IP associated with the Mapi NIC on the server.  The host file is located at C:\Windows\System32\drivers\etc and just make the change like shown in the below picture.  You will have to flush the DNS after making this change.

Hope this helps!!