Troubleshooting email flow issue
-
I sent a few test messages from my personal gmail account to [email protected] and they did not show up in the G Suite account - I haven't heard from my user yet, I'm assuming he got them over on O365.
-
if this is spam email coming from google's own platform - I suppose I could see them not actually checking the MX record, and instead just looking at google's own records - sees this G Suite account for the domain in question, and poof - the message stays in google's platform and is delivered there.
Though why Google would treat this spam different than emails coming from their own gmail system is something I don't understand. (now ready to hear why it totally makes sense )
Thoughts?
-
Pretty sure I figured it out.
The domain in question had 2 MX records,
- O365
- gmail
O365 has the higher priority, and there have never been any complaints of missing messages.
I'm assuming this spam made it to google, because I know some spammers specifically use the secondary, etc MX records in hopes of bypassing spam filters. So I'm assuming that's what was happening here.
Now that said - I did see a single Twitter email in the G Suite - so I'm guessing there was a glitch at O365 once, and Twitter hit it and tried the secondary...
-
@Dashrender said in Troubleshooting email flow issue:
if this is spam email coming from google's own platform - I suppose I could see them not actually checking the MX record, and instead just looking at google's own records - sees this G Suite account for the domain in question, and poof - the message stays in google's platform and is delivered there.
Though why Google would treat this spam different than emails coming from their own gmail system is something I don't understand. (now ready to hear why it totally makes sense )
Thoughts?
Most of the time, if you have a domain in the same system as a big platform as G-suite or Office 365, the email will be routed internally instead of looking at an MX record. This happens with Exchange same with other email systems because it looks internal before going to do a DNS lookup.
-
@dbeato said in Troubleshooting email flow issue:
@Dashrender said in Troubleshooting email flow issue:
if this is spam email coming from google's own platform - I suppose I could see them not actually checking the MX record, and instead just looking at google's own records - sees this G Suite account for the domain in question, and poof - the message stays in google's platform and is delivered there.
Though why Google would treat this spam different than emails coming from their own gmail system is something I don't understand. (now ready to hear why it totally makes sense )
Thoughts?
Most of the time, if you have a domain in the same system as a big platform as G-suite or Office 365, the email will be routed internally instead of looking at an MX record. This happens with Exchange same with other email systems because it looks internal before going to do a DNS lookup.
I have O365 in mid migration for a client right now. All email from Microsoft admin portal such as password reset follow MX records. Which means they go to the on prem server still. No AD sync or anything on this. Making a clean cut away from the local AD for O365.
-
@dbeato said in Troubleshooting email flow issue:
@Dashrender said in Troubleshooting email flow issue:
if this is spam email coming from google's own platform - I suppose I could see them not actually checking the MX record, and instead just looking at google's own records - sees this G Suite account for the domain in question, and poof - the message stays in google's platform and is delivered there.
Though why Google would treat this spam different than emails coming from their own gmail system is something I don't understand. (now ready to hear why it totally makes sense )
Thoughts?
Most of the time, if you have a domain in the same system as a big platform as G-suite or Office 365, the email will be routed internally instead of looking at an MX record. This happens with Exchange same with other email systems because it looks internal before going to do a DNS lookup.
Actually, this is not true - and I'm thankful it's not. My tests proved that it was true, because my gmail based tests made it to O365.
-
@Dashrender said in Troubleshooting email flow issue:
I'm wondering - does the 10. address imply that this server is internal at google?
No it's saying the email originated from that server.
-
@JaredBusch said in Troubleshooting email flow issue:
@dbeato said in Troubleshooting email flow issue:
@Dashrender said in Troubleshooting email flow issue:
if this is spam email coming from google's own platform - I suppose I could see them not actually checking the MX record, and instead just looking at google's own records - sees this G Suite account for the domain in question, and poof - the message stays in google's platform and is delivered there.
Though why Google would treat this spam different than emails coming from their own gmail system is something I don't understand. (now ready to hear why it totally makes sense )
Thoughts?
Most of the time, if you have a domain in the same system as a big platform as G-suite or Office 365, the email will be routed internally instead of looking at an MX record. This happens with Exchange same with other email systems because it looks internal before going to do a DNS lookup.
I have O365 in mid migration for a client right now. All email from Microsoft admin portal such as password reset follow MX records. Which means they go to the on prem server still. No AD sync or anything on this. Making a clean cut away from the local AD for O365.
I see, but to be more specific: try sending an email from an account within Office 365 to the same domain. It will not go through the MX records. What you are saying is that Microsoft notifications would go from Microsoft to the domain MX records while anything within the domain in Office 365 won't follow the same.
-
@dbeato said in Troubleshooting email flow issue:
I see, but to be more specific: try sending an email from an account within Office 365 to the same domain.
Not true. Our domain bundystl.com is on O365 and all my email to users went to the on prem server.
-
@Dashrender said in Troubleshooting email flow issue:
Pretty sure I figured it out.
The domain in question had 2 MX records,
- O365
- gmail
O365 has the higher priority, and there have never been any complaints of missing messages.
I'm assuming this spam made it to google, because I know some spammers specifically use the secondary, etc MX records in hopes of bypassing spam filters. So I'm assuming that's what was happening here.
Now that said - I did see a single Twitter email in the G Suite - so I'm guessing there was a glitch at O365 once, and Twitter hit it and tried the secondary...
Often, spammers will send mail to a higher MX record on purpose. There are many reasons they do this; less protected routes to a gullible user is one of them.
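-
Added example, not part of the original thread: a small audit for the situation described above, where a domain's primary MX is at one provider and a lower-priority MX sits at another, so any sender can deliver straight to the backup mailbox and skip the primary's filtering. The sample records are constructed (`example-com` is a placeholder), and the provider suffix table is an assumption covering only the two providers discussed here.

```python
# Flag backup MX records that are hosted by a different provider than the
# primary MX. Input is the text of `dig +short MX <domain>`.

# Assumed mapping: public MX hostname suffixes for the two providers in the thread.
PROVIDER_SUFFIXES = {
    "mail.protection.outlook.com": "Microsoft 365",
    "google.com": "Google",
    "googlemail.com": "Google",
}

def parse_mx(text):
    """Parse lines like '10 host.' into a sorted list of (preference, host)."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 2 or not parts[0].isdigit():
            continue  # skip blank lines and anything that is not "pref host"
        records.append((int(parts[0]), parts[1].rstrip(".").lower()))
    return sorted(records)

def provider_of(host):
    """Map an MX hostname to a provider label, or mark it as unrecognised."""
    for suffix, name in PROVIDER_SUFFIXES.items():
        if host == suffix or host.endswith("." + suffix):
            return name
    return "other (" + host + ")"

def audit_mx(text):
    """Return (preference, host, provider) for every backup MX whose provider
    differs from the provider(s) of the best (lowest-numbered) MX."""
    records = parse_mx(text)
    if not records:
        return []
    best = records[0][0]  # lowest preference number = highest priority
    primary = {provider_of(h) for p, h in records if p == best}
    return [(p, h, provider_of(h)) for p, h in records
            if p > best and provider_of(h) not in primary]

# Constructed sample: O365 first, Google as a leftover secondary.
SAMPLE = """\
0 example-com.mail.protection.outlook.com.
10 aspmx.l.google.com.
20 alt1.aspmx.l.google.com.
"""

if __name__ == "__main__":
    for pref, host, prov in audit_mx(SAMPLE):
        print(f"preference {pref}: {host} -> {prov}; mail sent here bypasses the primary")
```

Any finding means mail addressed to the domain can land in a second mailbox system; removing the leftover MX record closes that path.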