Query regarding outbound email headers

ankurs2008
Level 1

Hi halijenn / experts

I have an ASA for which I have separate outbound mail access, and the following is configured. The external interface of the firewall is 66.52.192.14. When I send mail outside to @yahoo.com and then look at the mail headers in yahoo.com (i.e. when I check the mail in Yahoo and click on headers), I see the private IP address of the organization listed like "mxpb.akc.com (172.16.10.1)" in the "received from" field. Please let me know if this is normal. Also, is it configurable on the ASA so that it can be changed to the public IP (i.e. MX record), or does this behaviour depend entirely on the Yahoo SMTP gateway?

static (inside,outside) 66.52.192.15 172.16.10.1 netmask 255.255.255.255

where 172.16.10.1 is SMTP Gateway

Currently I don't have the "sh run" of the customer firewall; as soon as I get it I will post the service-policy as well. However, for the time being, if you can throw some light on this, it will be very helpful.

Nagaraja Thanthry
Cisco Employee

Hello,

That behavior seems to be normal. The firewall cannot change the SMTP packet contents. You could check on the mail server itself and see if there is a way to change the IP to a name (smtp.abc.com).

Hope this helps.

Regards,

NT

Jennifer Halim
Cisco Employee

The mail domain of "mxpb.akc.com" does not seem to resolve to anything. Are you sure that is the correct mail domain?

Here is the test that i did:

nslookup
> set type=mx
> mxpb.akc.com
*** UnKnown can't find mxpb.akc.com: Non-existent domain

Reverse lookup for the public ip address:

nslookup 66.52.192.15
Name:    66-52-192-15.phnx.mdsg-pacwest.com
Address:  66.52.192.15

And it's not something on the ASA that you can configure to change the behaviour.

Magnus Mortensen
Cisco Employee

Ankur,

     What do the headers look like? Is the receiving host (the one just before/after) an internal IP as well? That line would be written into the email header by some SMTP relay who actually saw that connection come from IP 172.16.0.1. What are the lines above and below that line in the headers?

- Magnus

Hi halijenn / NT

Thanks for looking into this. The MX record I sent across is a sample. Actually, I was concerned about the email headers in Yahoo Mail, as I am not sure why private IP addresses are visible there. Please let me know if the mail server MX record is required for you to resolve the issue.

Hi Magnus

Thanks for looking into this. Please find attached the snapshot of the Yahoo Mail headers. I have blurred the IPs for confidentiality purposes. There are 2 email servers, 172.X.X.1 [MBX1.plprairiewi.com] and 172.X.X.2 [MBX2.plprairiewi.com], which are visible in the headers. The static command in the firewall is as follows (please ignore the static statement in my first mail, as I gave a dummy IP and MX record earlier for confidentiality purposes). Please let me know if it is required for us to proceed.

static (inside,outside) 67.X.X.94 172.16.10.1 netmask 255.255.255.255

67.X.X.93 is the firewall IP [ exchange.plprairiewi.com ]

Also, I am not able to understand why the field "X-Originating-IP" in the header is the firewall IP address. Ideally it should be 67.X.X.94.

Ankur,

     I see in the headers that the private IPs make sense. You can see:

- MBX2 received it from MBX1

- MBX1 then gets it back from MBX2

- Exchange received it from MBX1

- Yahoo received it from your Exchange server

The 172.x.x.x IPs are related to the internal communication between your servers (Exchange, MBX1 and MBX2). Yahoo does not see the internal IPs as expected. Yahoo sees it from your 67.x.x.x address. But up to this point, your internal email servers have already written the transaction logs in the email header using the IPs they saw (your internal 172.x.x.x ones). So all is normal from what I can see.

- Magnus
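
Added example (not part of the original thread or any poster's code): a short Python script that reads the Received trace the way the answer above describes it, oldest hop first, and flags which recorded sender addresses are internal. The message, the hostnames and the address 203.0.113.93 (standing in for the NAT'd public IP) are constructed for illustration.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample (not from the thread): hostnames are placeholders and
# 203.0.113.93 stands in for the NAT'd public address the receiver sees.
SAMPLE = """\
Received: from exchange.example.com (exchange.example.com [203.0.113.93])
\tby mta.receiver.example with ESMTP; Mon, 1 Mar 2010 10:00:03 -0800
Received: from mbx1.example.com ([172.16.10.1]) by exchange.example.com
\twith Microsoft SMTPSVC; Mon, 1 Mar 2010 10:00:02 -0800
Received: from mbx2.example.com ([172.16.10.2]) by mbx1.example.com
\t([172.16.10.1]) with mapi; Mon, 1 Mar 2010 10:00:01 -0800
Received: from mbx1.example.com ([fd00::1]) by mbx2.example.com
\t([fd00::2]) with mapi; Mon, 1 Mar 2010 10:00:00 -0800
From: user@example.com
To: someone@receiver.example
Subject: test

body
"""

# RFC 1918 and IPv6 unique-local ranges are treated as internal here.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]
HOP = re.compile(r"from\s+(\S+)\s+\([^\[\)]*\[([0-9A-Fa-f:.]+)\]\)\s+by\s+(\S+)")

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip.version == n.version and ip in n for n in INTERNAL)

def trace_hops(raw):
    """Return (sender, sender_ip, receiver, internal) per hop, oldest first."""
    hops = []
    # Each relay prepends its own line, so header order is newest first.
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        m = HOP.search(" ".join(value.split()))  # undo header folding
        if m:
            sender, ip, receiver = m.groups()
            hops.append((sender, ip, receiver, is_internal(ip)))
    return hops

def disclosed_internal(raw):
    """Internal addresses an outside recipient can read from the trace."""
    return [ip for _, ip, _, internal in trace_hops(raw) if internal]

if __name__ == "__main__":
    for sender, ip, receiver, internal in trace_hops(SAMPLE):
        tag = "internal" if internal else "public"
        print(f"{receiver} received from {sender} [{ip}] ({tag})")
```

Only the last hop, written by the outside receiver, shows the translated public address; the earlier lines were written by the internal servers before the message reached the firewall.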

Hi Magnus

Thanks for the explanation. I just want to elaborate my understanding; please tell me if I am correct.

1)

MBX2 received it from MBX1

MBX1 then gets it back from MBX2

The above sequence happens when the user sends the packet to the Exchange server, and it seems that they pass the packet to each other as they may be in an NLB / cluster. What I want to say is that MBX2 / MBX1 are Exchange servers (I believe that they are Exchange (or Domino), as the customer has not told me about them and I am making an assumption).

Exchange received it from MBX1

Your above statement refers to Exchange giving the packet to the SMTP gateway (and we can also see from the headers that, though the name is exchange.plprairiewi.com, Microsoft SMTP Service is running on it).

2) Also, I want to understand the reason for the public IP of the firewall, rather than the static IP, appearing in the mail headers.

To address your concerns:

1) It looks like the first leg of the transaction is using IPv6 connectors. Then the mail comes back on an IPv4 connector. This may be completely normal depending on your Exchange config.

2) The external IP that the Exchange will look like depends on the IP of the Exchange server and any NATs or STATICs it might match. What is the internal IP?

- Magnus

Hi

Thanks for the reply ! The IP 172.16.10.1 is the SMTP Gateway configured for Static as follows

static (inside,outside) 67.X.X.94 172.16.10.1 netmask 255.255.255.255

67.X.X.93 is the firewall IP [ exchange.plprairiewi.com ]

Hence my query is: is it possible with the above config to see the firewall IP address in the "X-Originating-IP" field, instead of the one mentioned in the static, in the email header attached to this mail?

Hi Magnus

Please let me know regarding my below query

Ankurs,

     What IP address does your internal Exchange server have? Since the Exchange server is the last one of your servers in the header, it was the server that connected out to Yahoo. If you do not have a STATIC for that host (1-to-1 static, not static PAT) then he is most likely going to hit a PAT overload translation (ya know, a nat/global pair) when he establishes an outbound connection to the internet.

- Magnus
