0

I have an objective of configuring our mail server to forward inbound messages to third party provider.

  • Mail have to appear from original sender
  • Forwarding have to be managed from Exchange Server, not by clients
  • Based on Exchange Server 2010

Solution we initially come up with was Transport Agent Rules that would redirect or copy inbound emails to external mailboxes; however, some senders with configured SPF records start receiving bounce-backs from destination server (which would make sense as out mail server that forwards emails with original return path is not authorized in sender domain SPF).

One of solutions i read about was SRS, but i was not able to find any examples or instructions of implementation on Exchange.

Ward - Trying Codidact
  • 12,899
  • 28
  • 46
  • 59
JagdCrab
  • 111
  • 4
  • Is updating the SPF records to include your server not an option? – Todd Wilcox May 05 '16 at 16:16
  • @ToddWilcox SPF records belong to senders. So there is theoretically unknown number of other domains which we would need to convince to add some random mail server as trusted relay. So not really an option. – JagdCrab May 05 '16 at 16:29
  • 3
    Perhaps re-addressing the question of whether you should be trying to relay these messages is in order. If I'm a recipient and I'm stopping messages based on SPF failure, I **want** messages relayed through your server to be blocked, unless you've gotten the original senders to update their SPF records. That's why I'm using SPF in the first place. – Todd Wilcox May 05 '16 at 17:14
  • @ToddWilcox I generally would agree with you; however, there is specific case that dictate requirement of redirecting mail from one mail domain to another while preserving original sender. Recipient server technically also belong to our company and "trust" forwarder, but under foreign authority so implementing changes on that end somewhat problematic. I'm aware that it is suboptimal design in a first place, but well, have to work with what i've got to provide immediate solution before taking time to do everything properly. – JagdCrab May 05 '16 at 19:32
  • Whoever is in control of the final destination server can exclude e-mail coming from the forwarding server from SPF checking. If you can't change the SPF records and you can't change how the receiving server responds to the SPF records and the mail forwarding, then you are not in a position to fix this problem and you'll have to punt this to someone who can actually make one of those changes. – Todd Wilcox May 05 '16 at 19:43

0 Answers0