July 4, 2008 09:14pm pdt

1. KCTS 201,513
2. tigermatt 107,527
3. leew 54,987
4. oBdA 52,885
5. MrHusy 48,000
6. RobWill 46,638
7. martin_b... 41,358
8. ryansoto 32,990
9. toniur 31,850
10. merowinger 31,500
11. Mikey_TT 31,200
12. mboppe 30,992
13. TechSoEasy 30,100
14. lnkevin 29,980
15. LauraEHu... 28,759

1. KCTS 941,835
2. farhankazi 463,550
3. MrHusy 416,551
4. Sembee 328,464
5. TechSoEasy 289,434
6. oBdA 223,431
7. leew 209,218
8. tigermatt 195,890
9. LauraEHu... 187,651
10. sirbounty 152,540
11. Jay_Jay70 148,096
12. toniur 137,191
13. mboppe 135,740
14. RobWill 122,527
15. Chris-Dent 111,710

03.07.2007 at 01:11PM PST, ID: 22434843

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

9.4

553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)

Zones: Microsoft Server, Exchange Email Server

Tags: domain, list, allowed, my, 553

I am getting the 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) error when trying to send out to certain recipients. Everything was working fine until we changed the public IP address for the server since we switched ISPs.

I have reviewed other entries and I cannot find anything applicable to what we are experiencing.

- Exchange 2003 with latest SP and patches running on Windows 2003

Here is the error:

-----Original Message-----
From:       System Administrator
Sent:      Sunday, March 04, 2007 8:42 PM
To:      Dave Breit
Subject:      Undeliverable: audio stream code

Your message did not reach some or all of the intended recipients.

Subject:      audio stream code
Sent:      3/4/2007 8:42 PM

The following recipient(s) could not be reached:

Dave Breit on 3/4/2007 8:42 PM
553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)

The ISP has the correct reverse DNS information and we are resolving via DNS and not Smart Host.

Any help would be appreciated.

Start your free trial to view this solution

Question Stats

Zone: OS

Question Asked By: woolieb

Solution Provided By: Sembee

Participating Experts: 1

Solution Grade: A

Translate:

Loading Advertisement...

Microsoft

Internet Protocols
Applications

Development
OS

Hardware
Windows Security

Apple

Operating Systems
Hardware

Programming
Networking

Software

Internet

Search Engines
File Sharing
WebTrends / Stats
Spy / Ad Blockers

Web Browsers
New Net Users
Web Development
Chat / IM

Anti Spam
Web Servers
Anti-Virus
Email Clients

Gamers

Tips
Online / MMORPG
Puzzle
Emulators

Action / Adventure
Role Playing
Consoles
Game Programming

Strategy
Sports
Misc
Computer Games

Digital Living

Hardware
New Net Users
New Users

Software
Digital Music
Gaming World

Home Security
Apple
Networking Hardware

Virus & Spyware

Vulnerabilities
IDS
Encryption
Anti-Virus

Operating Systems Security
Software Firewalls
WebApplications
Cell Phones

Operating Systems
Internet
Hardware Firewalls

Hardware

Handhelds / PDAs
Displays / Monitors
Components
Networking Hardware

Peripherals
Laptops/Notebooks
Storage
Servers

Desktops
New Users
Misc
Apple

Software

System Utilities
Industry Specific
Network Management
Photos / Graphics
Page Layout
VMWare
Misc
Web Development

OS
CYGWIN
Voice Recognition
Message Queue
Quality Assurance
Security
Firewalls
MultiMedia Applications

Development
Database
Office / Productivity
Business Management
OS/2 Apps
Server Software
Internet / Email

ITPro

OS
Storage
Encryption
Operating Systems Security
Apple Hardware
Laptops & Notebooks
Servers
Networking Hardware
Peripherals

Devices
Displays / Monitors
WebTrends / Stats
Search Engines
Firewalls
WebApplications
IDS
Vulnerabilities
Email Clients

File Sharing
Spy / Ad Blockers
Web Browsers
Web Servers
Networking
Anti-Virus
Chat / IM
Anti Spam

Developer

Web Servers
Web Browsers
Game Programming
Dev Tools
Industry Specific
Office / Productivity

Database
CYGWIN
Web Development
Search Engines
File Sharing
WebTrends / Stats

Programming
Content Management
Application Servers
Protocols

Storage

Removable Backup Media
Storage Technology
Servers

Grid
Remote Access
Backup / Restore

Misc
Hard Drives

Miscellaneous
Security
Development
Linux
VMWare

MainFrame OS
Unix
Apple
OS / 2
AS / 400

BeOS
Microsoft
VMS / OpenVMS

Database

Oracle
Miscellaneous
MySQL
Software
Sybase
Contact Management
PostgreSQL
Data Manipulation
Clarion
InterSystems Cache

Siebel
MUMPS
OLAP
SQLBase
SAS
GIS & GPS
4GL
Berkeley DB
DB2
Informix

Interbase / Firebird
FoxPro
Reporting
LDAP
Filemaker Pro
MS SQL Server
dBase
MS Access

Security

Misc
Web Browsers
Software Firewalls
Operating Systems Security
File Sharing

Spy / Ad Blockers
Vulnerabilities
WebApplications
IDS
Anti-Virus

Encryption
Anti Spam
Email Clients
VPN
Chat / IM

Programming

Editors IDEs
Installation
Handhelds / PDAs
Multimedia Programming
System / Kernel

Algorithms
Game
Signal Processing
Project Management
Open Source

Database
Misc
Languages
Processor Platforms
Theory

Web Development

Scripting
Blogs
Web Servers
Software
Search Engines
Web Graphics
Images

Internet Marketing
Images and Photos
Components
Document Imaging
Web Languages/Standards
Illustration
WebApplications

Fonts
WebTrends / Stats
Authoring
Digital Camera Software
Miscellaneous

Networking

Protocols
Apple Networking
Network Management
Message Queue
Application Servers
Content Management
File Servers
Email Servers
Misc
Java Editors & IDEs

Wireless
Networking Hardware
Backup / Restore
System Utilities
ISPs & Hosting
Web Servers
Storage Technology
Removable Backup Media
Servers
Broadband

Grid
OS / 2
Novell Netware
Unix Networking
Windows Networking
Security
Telecommunications
Operating Systems
Linux Networking

Other

Community Advisor
Lounge
Community Support
New Net Users

Philosophy / Religion
Math / Science
Miscellaneous
URLs

Expert Lounge
Politics
Puzzles / Riddles

Community Support

Suggestions
New to EE
New Topics
Community Advisor

CleanUp
Announcements
General

Feedback
Input
EE Bugs

03.07.2007 at 02:26PM PST, ID: 18674678

Rank: Savant

Sembee:

Put your domain name in to dnsreport.com and see whether it flags any errors.

Simon.

03.09.2007 at 11:49AM PST, ID: 18689910

woolieb:

Yes. Here is what it returned. Please let m know what needs to be done to rectify it. Also, on the name servers they are referencing an ISP I don't use anymore. Should my current ISP provide me with information to replace this?

Open DNS Servers

ERROR: One or more of your nameservers reports that it is an open DNS server. This usually means that anyone in the world can query it for domains it is not authoritative for (it is possible that the DNS server advertises that it does recursive lookups when it does not, but that shouldn't happen). This can cause an excessive load on your DNS server. Also, it is strongly discouraged to have a DNS server be both authoritative for your domain and be recursive (even if it is not open), due to the potential for cache poisoning (with no recursion, there is no cache, and it is impossible to poison it). Also, the bad guys could use your DNS server as part of an attack, by forging their IP address. Problem record(s) are:

Server 207.103.0.14 reports that it will do recursive lookups. [test] Server 207.103.11.9 reports that it will do recursive lookups. [test] See this page for info on closing open DNS servers.

Missing (stealth) nameservers

FAIL: You have one or more missing (stealth) nameservers. The following nameserver(s) are listed (at your nameservers) as nameservers for your domain, but are not listed at the parent nameservers (therefore, they may or may not get used, depending on whether your DNS servers return them in the authority section for other requests, per RFC2181 5.4.1). You need to make sure that these stealth nameservers are working; if they are not responding, you may have serious problems! The DNS Report will not query these servers, so you need to be very careful that they are working properly.

ns3.voicenet.com.
ns4.voicenet.com.
This is listed as an ERROR because there are some cases where nasty problems can occur (if the TTLs vary from the NS records at the root servers and the NS records point to your own domain, for example).

Stealth NS record leakage

Your DNS servers leak stealth information in non-NS requests:

Stealth nameservers are leaked [ns3.voicenet.com.]!
Stealth nameservers are leaked [ns4.voicenet.com.]!

This can cause some serious problems (especially if there is a TTL discrepancy). If you must have stealth NS records (NS records listed at the authoritative DNS servers, but not the parent DNS servers), you should make sure that your DNS server does not leak the stealth NS records in response to other queries.

03.09.2007 at 04:44PM PST, ID: 18691851

Rank: Savant

Sembee:

That is DNS errors. That will have nothing to do with the problem.
Did you get any errors in the mail server section?

You don't have to use the name servers of your existing ISP. If your previous ISP is responsible for the domain then it will continue to work.
What you might want to consider is transferring the domain to a dedicate domain name registrar - GoDaddy, register.com etc.

Simon.

03.12.2007 at 06:30AM PDT, ID: 18701707

woolieb:

Here are the errors in the Mail section:

WARNING: One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). If your mailserver sends out E-mail using this domain in its EHLO or HELO, your E-mail might get blocked by anti-spam software. This is also a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server. Note that this one test may use a cached DNS record.

monmouth.voyantinc.com claims to be invalid hostname
'*l7********************************ESMTP':
220 *l7********************************ESMTP

(Voyant is the spam filtering service we use at all sites)

ERROR: One or more of your mailservers does not accept mail to postmaster@timesonline.com. Mailservers are required (RFC822 6.3, RFC1123 5.2.7, and RFC2821 4.5.1) to accept mail to postmaster.

monmouth.voyantinc.com's postmaster response:
>>> RCPT TO:<postmaster@timesonline.com>
<<< 554 5.7.1 <postmaster@timesonline.com>: Recipient address rejected: User not registered with ContentCatcher

WARNING: One or more of your mailservers does not accept mail to abuse@timesonline.com. Mailservers are expected by RFC2142 to accept mail to abuse.

monmouth.voyantinc.com's abuse response:
>>> RCPT TO:<abuse@timesonline.com>
<<< 554 5.7.1 <abuse@timesonline.com>: Recipient address rejected: User not registered with ContentCatcher

Your domain does not have an SPF record. This means that spammers can easily send out E-mail that looks like it came from your domain, which can make your domain look bad (if the recipient thinks you really sent it), and can cost you money (when people complain to you, rather than the spammer). You may want to add an SPF record ASAP, as 01 Oct 2004 was the target date for domains to have SPF records in place (Hotmail, for example, started checking SPF records on 01 Oct 2004).

These are all of the warnings and errors in the Mail section of the DNS test.

03.12.2007 at 07:34AM PDT, ID: 18702274

Rank: Savant

Sembee:

Do you send your email through the antispam service provider?

If not, then the dnsreport will not show anything of any use, as it uses public DNS information for your domain to query.

You will need to look at what IP address your server goes out as, then use the tools at dnsstuff.com to see whether that IP address has a reverse DNS entry.
For checking the IP address I tend to use http://checkip.dyndns.org/ on the server itself.

Another option would be to simply send all outbound email via the antispam provider.

Simon.

Accepted Solution

03.12.2007 at 08:00AM PDT, ID: 18702479

woolieb:

Good stuff. I ran the URL and it came up with a different IP address then the external one given to me by the ISP. I am having a rDNS record added for this address and will let you know how it goes.

20080236-EE-VQP-29