Undeliverable Inbound proxy probe message troubleshoot

BTS-0610 6 Reputation points
2021-08-12T20:47:53.843+00:00

Hello All,

We recently set added DMARC, SPF and DKIM (plug-in) for our 2013 Exchange server. We are getting emails with the subject of "Inbound proxy probe" email messages from "noreply-dmarc-support@domain.local". I look at the messages in more detail and they show  

"This is an authentication failure report for an email message
received from IP 127.0.0.1 on 'date and time'

....Received: from 'exchangeserver.local' ('intenral Ip') by 'exchangeserver.local'
('intenral Ip')
Received: from InboundProxyProbe (127.0.0.1) by 'exchangeserver.local'
(127.0.0.1)
X-MS-Exchange-ActiveMonitoringProbeName: OnPremisesInboundProxy
X-Exchange-Probe-Drop-Message: FrontEnd-CAT-250
Subject: Inbound proxy probe
Message-ID: <0479e598445545fc85f57c2d913e65a5@'exchangeserver.local'>
From: <inboundproxy@Company portal .com>
To: Undisclosed recipients:;
Return-Path: inboundproxy@Company portal .com
"
I researched the message and deleted the health mailboxes in case this was the issue. After recreating the health mailboxes by restarting the Exchange Health Manager Service, I ran the command "Get-Mailbox -monitoring | fl name,EmailAddresses" and got all the mailboxes to display their info.

Here is one sample of the info I see for for each mailbox:

"Name : HealthMailboxad'guid'
EmailAddresses : {smtp:HealthMailboxad'guid'@keyman .local, X400:C=US;A=
;P='domain';O=Exchange;S=HealthMailboxad'guid';,
SMTP:HealthMailboxad'guid'@keyman .com, SIP:HealthMailboxad'guid'@keyman .com}
"

From what I have read this could be due to an incorrect email address.
I see that smtp has two emails -
1) "HealthMailboxad'guid'@keyman .local"
2) "HealthMailboxad'guid'@keyman .com"

I also see the SIP also lists "HealthMailboxad'guid'@keyman .com"

Even though I forced the Health mailboxes to recreate, is it possible this information is incorrect? Or is it OK to have two aliases of ".local" and ".com"?

I would greatly appreciate further insight on this subject and possible resolutions.

thank you,
Brian

Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,386 questions
0 comments No comments
{count} vote

2 answers

Sort by: Most helpful
  1. Xzsssss 8,861 Reputation points Microsoft Vendor
    2021-08-13T07:26:33.1+00:00

    Hi @BTS-0610 ,

    Have you changed the main SMTP address of your server? I'm not sure if both domain.com and domain.local are used by your server.

    If this is what you are experiencing, please consider using a corresponding SMTP Address. After changing the address, please delete the health mailboxes from ADUC > Microsoft Exchange System Objects > Monitoring Mailboxes and then restart Exchange Health Manager Service on every server.

    Or you can try use commands to change the SMTP address for them:

    Get-Mailbox -Monitoring | Name  
    Set-Mailbox -Identity HealthMailbox*********@domain.com -PrimarySMTPAddress HealthMailbox*******@domain.local   
    

    Best regards,
    Lou


    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


  2. BTS-0610 6 Reputation points
    2021-08-17T20:10:34.557+00:00

    I posted that I thought I had figured it out. I did some research and needed to make some changes to align DKIM with DMARC. A few firewall rules were adjusted as well and that helped with some of the messages. But I am still getting the inbound proxy probe errors.

    https://powerdmarc.com/why-is-dmarc-failing/

    The inbound proxy probe emails state there is an authentication error. Any additional help would be appreciated.

    "This is an authentication failure report for an email message received from...."

    thank you,
    Brian