Messaging Gateway

 View Only
Back to discussions
Expand all | Collapse all

Internal distribution lists that contain external addresses and Resent-From header

  • 1.  Internal distribution lists that contain external addresses and Resent-From header

    Posted Mar 21, 2011 01:53 PM

    Hi all. I have an interesting loop situation here:

    We have Brightmail 9.0.2 in the DMZ and Exchange 2007 inside.

    We have some distribution lists in AD that contain a bunch of external recipients (contacts).

    1. I send a message to the distribution list that contains external contacts.

    2. One of the external recipients opens the message and hits ReplyALL

    3. The message is received by our Brightmail and passed to the Exchange 2007 server.

    4. Exchange 2007 server submits the message to the same distribution list (it was in the ReplyALL path).

    5. the distribution list shoots the message back out to all the external recipients.

     

    This is not a big problem...  The problem is that when I look at the message history logs and find the reflected email going out, the From field of the message shows the address of the distribution list.

    I know Exchange 2007 inserts a Resent-From header when the message is reflected back. I suspect Brightmail picks up this header and actually uses it as a From address.

     

    How bad is this?  Imagine one of the external members of the distribution list no longer exists:

    the ReplyAll reflects out, and the From line shows that it was sent from the distribution list's address

    because one of the external recipients no longer exists, the mail server responsible for that recipient's domain generates a Non-Delivery Notification back to the sender of the reply... which got rewritten on the way out to the DL's address.

    So the DL receives the NDR and reflects it out to all the members.

    The invalid member's mail system generates an NDR back to the DL's address

    DL receives the NDR and reflects it out to al lthe members
     

     

    The invalid member's mail system generates an NDR back to the DL's address

    DL receives the NDR and reflects it out to al lthe members

     

     

    The invalid member's mail system generates an NDR back to the DL's address

    DL receives the NDR and reflects it out to al lthe members

     

     

    The invalid member's mail system generates an NDR back to the DL's address

    DL receives the NDR and reflects it out to al lthe members

     

     

    The invalid member's mail system generates an NDR back to the DL's address

    DL receives the NDR and reflects it out to al lthe members

     

    etc, etc.



  • 2.  RE: Internal distribution lists that contain external addresses and Resent-From header

    Posted Mar 21, 2011 02:01 PM

    Ehhh...  did some more digging and it looks like Exchange slips a modified Return-Path field on the DL-reflected message.

     

    So Brightmail is off the hook  :)