nike_golf asked:
Mail being rejected..?

I'm having a problem with some mail to certain domains being rejected, while mail to other domains all looks good. The error message is as follows:

OutboundConnectionResponse SMTPSVC1 SBS - 25 - - 553+Bogus+helo+hallmark.com.+<http://unblock.secureserver.net/?ip=####

The domain rejecting is mainly GoDaddy...

How do I fix this? Where in the world is hallmark.com coming from?

I've checked the BlackLists for our IP and I don't see it listed and am currently running a scan on the box. We have been inundated with Hallmark.com and Americangreetings.com emails... so there's some connection somewhere I just can't seem to locate it.

Any help would be appreciated.

NG,
Alan Hardisty:

Have you looked at the following thread:
http://social.technet.microsoft.com/Forums/en-US/exchangesvrtransport/thread/ac58a522-5880-42b1-8621-0e5b43374f1a

Can you also advise what your domain is so that I can check the DNS settings for you, or if you wish to keep this close to your chest, you can visit www.dnsstuff.com and check it for yourself.
Hi,

Ensure that your Exchange server is sending out a valid domain name during the EHLO command. You can find this in the SMTP bridgehead in Exchange 2003, or on the send connector properties in Exchange 2007. Which do you use? The FQDN used for HELO/EHLO does need to be a fully resolvable name, but does not necessarily need to match the IP you use to send mail (according to latest RFCs).

The other possibility is of course that you are a victim of 'backscatter' where a spammer is using your domain name for sending spam. IF this is the case, then you will find a lot of mail (Non-Delivery reports) being generated for your users. Also, your users would not complain of genuine Non-Delivery issues, they will complain that they didn't send mail in the first place so this is less likely.

It may be necessary to ensure that your public IP has a reverse DNS (or PTR) record set up that matches the FQDN that is used in the EHLO command, if the SMTP is particularly fussy, but this should not really be a requirement if the receiving SMTP server is following RFC guidelines.

To get the reverse DNS record set up, contact the people who manage your domain name. Then ensure your SMTP bridgehead or send connector matches it.

Shaun
nike_golf (asker):

This is 2003 Exchange Small Business Server - sorry I forgot to add that to my original post.

I stumbled across this post and the FQDN is set correctly.

What confuses me is where is the "hallmark.com" coming from - is that from GoDaddy from a cache or something?

DNSStuff says 6 warning 0 blacklists.

"SMTP bridgehead" - I'm not familiar with this?

Thanks.

NG,
In Exchange 2003, open the Service Manager, drill down the "Servers" to your SMTP server, and open the properties page. 
 
Under "Delivery -> Advanced" there is a place to enter the FQDN for your server.
 
This will be a non-routable name for Small Business Server, which uses the ".local" domain to separate Internet names from LAN names.
 
... Then you still need to go to GODADDY's web page, which will be something like:
 
http://unblock.secureserver.net/?ip=bad.ip.add.here
 
and swear on a stack of bibles that you've fixed the problem. (Ok - a simple form, but still...!)
 
Hope that helps!


Hi,

So are your users complaining that their mail is being rejected?
You say you have been inundated with hallmark and americangreetings.com emails? Are these Non-Delivery reports? Are they genuine? If they are NDRs and are not genuine then it could be backscatter you are seeing.

Sorry, SMTP bridgehead in SBS is the Default SMTP Virtual server. So you need to ensure that as the article above suggests - the fqdn in use is FULLY RESOLVABLE from the outside world. It must not be a .local domain name.

What warnings does DNS give? Is the IP address given in the Bogus+helo+hallmark.com.+<http://unblock.secureserver.net/?ip=##### one of your public IP addresses?

I must admit it does sound like 'backscatter' or a 'reverse DNS spam attack' to me but that all depends on how the issue is seen. Are the bounce backs about genuine emails being sent from your users?

Shaun

Basically, if you have an SMTP connector (in the connectors section of SBS) then you
"So are your users complaining that their mail is being rejected? "

Only a couple of sites are rejecting mail so yes to some degree.

"Sorry, SMTP bridgehead in SBS is the Default SMTP Virtual server. So you need to ensure that as the article above suggests - the fqdn in use is FULLY RESOLVABLE from the outside world. It must not be a .local domain name."

I did verify this and it is the FQDN from "Servers -> SMTP -> Delivery -> Advanced"


"Is the IP address given in the Bogus+helo+hallmark.com.+<http://unblock.secureserver.net/?ip=##### on of your public IP addresses? "

Yes, this is the mail server public IP


"Are the bounce backs about genuine emails being sent from your users?"

Yes.


Norton hasn't found anything on the server and MalwareBytes also didn't find anything on the server...? So as far as a virus goes I don't think there is one, but there's always something...

Thanks,


Just to clarify, the domain you see in "Servers -> SMTP -> Delivery -> Advanced" MUST be a fully resolvable domain name. By that, it must end in .co.uk / .com / .net etc etc.

It must not end in .local / .internal or something that cannot be resolved from an outside SMTP server.

Only a couple of sites are rejecting mail so yes to some degree. - What happens if you use telnet to test sending a mail (http://exchange.mvps.org/smtp_frames.htm)

Shaun
Of course it could be that you are on a blacklist.

One way to test this would be to use a smarthost (your ISP will probably provide one) to send mail instead of using DNS directly. This way the receiving servers will see your ISP's IP address and not yours. If the mail problems disappear it could be that your IP address has been blacklisted.

How are the email queues on the server?
OK, I ran the telnet commands.

helo mydomain.com
response should be as follows: 250 OK

I did receive 250 OK


mail from: mydomain.com
response should be as follows: 250 OK - mail from

I did receive 250 OK


rcpt to: mydomain.com
response should be as follows: 250 OK - Recipient

550 - currently not permitted to relay through this server. Perhaps you have not logged into the pop/imap server in the last 30 minutes or do not have SMTP Authentication turned on in your email client

data
response should be as follows: 354 Send data. End with CRLF.CRLF

550 - currently not permitted to relay through this server. Perhaps you have not logged into the pop/imap server in the last 30 minutes or do not have SMTP Authentication turned on in your email client

There was a little more info on the rcpt to: and data command all IP related and domain related that I'd rather not post on the forum...

NG,
Hmm, this is odd.

You did run the telnet command on the receiving server and not on your own server?

If this is the response you are getting from the receiving server then it is misconfigured, it should be accepting mail for addresses it is authoritative.

In order to find out the server accepting mail for the domain you are having trouble with, you will need to find out the MX record for the server (use http://www.mxtoolbox.com/). Then, connect to the server using telnet and run the same commands (mail from: YOUR EMAIL ADDRESS / rcpt to: A VALID EMAIL ADDRESS AT THEIR DOMAIN NAME).

Let me know how you get on

Shaun
Good news... It's not on a Blacklist :>)

Same error when running the mail tools from mxtoolbox.

RESULT: mail.mydomain.com
Banner:       220 mydomain.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Wed, 10 Jun 2009 06:35:33 -0400
Connect Time:       0 seconds - Good
Transaction Time:       5.186 seconds - Warning
Relay Check:       OK - This server is not an open relay.
Rev DNS Check:       OK - 66.83.X.X resolves to 66.83.X.X.nw.nuvox.net
GeoCode Info:       Geocoding server is unavailable
Session Transcript:       
HELO please-read-policy.mxtoolbox.com
250 mydomain.com Hello [64.20.X.X [47 ms]
MAIL FROM: <test@mxtoolbox.com>
250 2.1.0 test@mxtoolbox.com....Sender [47 ms]
RCPT TO: <test@mxtoolbox.com>
550 5.7.1 Unable to relay for test@mxtoolbox.c [5046 ms]
QUIT
221 2.0.0 mydomain.com Service closing transmission chann [47 ms]

I did a whois on the second IP 64.20.X.X and I'm not sure whose IP that is...

The first IP is the server for sure - but the second?

NG,
Hi,

That test on mxtoolbox is checking the recipient server for open relay and it is normal for it to return a 550 when trying to use someone else's server to relay mail. Not quite the test we need to run.

Use the domain name where you have found a bounce back occurs.
Find the MX record for that domain (this will give you the server to run the telnet test)
Run the telnet test (from a command prompt) telnet [mx record for domain] 25
Use your email address as MAIL FROM:
Use the email address that causes a bounce ([alias]@domainnotacceptingyourmail.com)

Report findings here

Shaun
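Shaun's telnet test, written up as an added Python script (not code from the thread): it connects to the MX host you found for the rejecting domain, sends EHLO with the FQDN configured under Delivery -> Advanced, then MAIL FROM / RCPT TO, and maps the reply to the causes discussed in this thread. The host names and addresses in it are placeholders; the sample replies are constructed from the ones quoted above.

```python
import smtplib

# Constructed sample replies, modelled on the ones quoted in this thread.
SAMPLE_REPLIES = {
    "bogus_helo": (553, b"Bogus helo hallmark.com. <http://unblock.secureserver.net/?ip=66.83.X.X>"),
    "relay_denied": (550, b"5.7.1 Unable to relay for test@mxtoolbox.com"),
    "accepted": (250, b"2.1.5 postmaster@mydomain.com"),
}


def classify_reply(code, message):
    """Map an SMTP reply to the likely cause, following the reasoning in this thread."""
    text = message.decode("ascii", "replace") if isinstance(message, bytes) else message
    text = text.lower()
    if 200 <= code < 300:
        return "accepted"
    if code == 553 and "helo" in text:
        # The receiving side rejects the name sent in EHLO/HELO (or the IP's rDNS).
        return "helo_or_rdns_rejection"
    if code == 550 and "relay" in text:
        # We asked a server that is not authoritative for the recipient domain
        # (the mxtoolbox open-relay test produces exactly this reply).
        return "relay_denied_wrong_server"
    if 400 <= code < 500:
        return "temporary_failure"
    return "other_rejection"


def smtp_probe(mx_host, ehlo_fqdn, mail_from, rcpt_to, timeout=15):
    """Replay the manual telnet test: connect to the MX host on port 25, EHLO with
    the FQDN configured under Delivery -> Advanced, then MAIL FROM / RCPT TO.
    Returns (code, message, classification); no DATA is ever sent."""
    with smtplib.SMTP(mx_host, 25, local_hostname=ehlo_fqdn, timeout=timeout) as s:
        try:
            s.ehlo_or_helo_if_needed()
        except smtplib.SMTPHeloError as e:  # e.g. "553 Bogus helo ..." at the greeting
            return e.smtp_code, e.smtp_error, classify_reply(e.smtp_code, e.smtp_error)
        code, msg = s.mail(mail_from)
        if code == 250:
            code, msg = s.rcpt(rcpt_to)
        try:
            s.rset()  # abandon the transaction cleanly
        except smtplib.SMTPException:
            pass
        return code, msg, classify_reply(code, msg)


if __name__ == "__main__":
    # Hypothetical values: the MX host found for the rejecting domain, our EHLO
    # name, a real sender address, and the recipient address that bounces.
    print(smtp_probe("mx.example.net", "mail.mydomain.com",
                     "user@mydomain.com", "user@example.net"))
```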

Sorry I didn't get a chance to run the test last night but will tonight...

I did some checking and found a utility similar to when dnsstuff was free - http://www.dnscolos.com/dnsreport.php

I got the following warning:

"The server should have an A record which points to the mailserver for the hostname which is presented in the greeting"


Anyway, I'm really confused why the error message that I get from bounced mail contains hallmark.com in it, where does that come from?


"OutboundConnectionResponse SMTPSVC1 SBS - 25 - - 553+Bogus+helo+hallmark.com.+<http://unblock.secureserver.net/?ip=####"
One other report...

  Domain mydomain.com has only one mail-server
  Checking mail server (PRI=10) mail.mydomain.com [66.83.X.X]
  Mail server mail.mydomain.com[66.83.X.X] answers on port 25
  <<< 220 mydomain.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Thu, 11 Jun 2009 11:15:32 -0400
  >>> HELO www.checkdns.net
  <<< 250 mydomain.com Hello [195.60.98.253]
  >>> MAIL FROM: <dnscheck@uniplace.com>
  <<< 250 2.1.0 dnscheck@uniplace.com....Sender OK
  >>> RCPT TO: <postmaster@mydomain.com>
  <<< 250 2.1.5 postmaster@mydomain.com
  >>> QUIT
  Mail server mail.mydomain.com [66.83.X.X] accepts mail for mydomain.com
  All MX are configured properly
Are some users / all users getting bouncebacks?

When you telnet your own server what does the SMTP banner report? After you type telnet [yourserver] 25 it will give a 220 response code then what is after this? Is it your proper domain name? Not hallmark.com?

When you then type EHLO [domainame] what is the 250 response you get back? This should also refer to your domain name and not anything else.

Also it should not be reading as a .local domain.

Any patterns with the bounce backs? Can you recreate a bounce back or can a user recreate a bounceback every time?

It really does feel like a 'backscatter' problem to me, but that would not be the case if your users are complaining that emails they send are not getting through. This would only be if they are complaining of Non-Delivery reports that are nothing to do with them.

Have you run a full virus scan on all your internal PCs, do they have port 25 availability? I would advise trying to block port 25 access to anything except your email server. This is a good general policy too.

Shaun
"When you telnet your own server what does the SMTP banner report?"

I'm using a DOS window so I'm not sure on this one..

"telnet [yourserver] 25"

220-box569.bluehost.com ESMTP Exim 4.69 #1 Thu, 11 Jun 2009 12:15:51 -0600
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
EHLO mydomain.com
250-box569.bluehost.com Hello 66.83.X.X.nw.nuvox.net [66.83.X.X]
250-SIZE 52428800
250-PIPELINING
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP


This does not match my domain - bluehost is our ISP... does that mean we're relaying mail through bluehost?

I'll have some mail sent and post back if it's everyone or only a select few...

I have scanned the server and the client with no success.
If you actually log onto your Exchange server, then open a command prompt and actually type:

telnet localhost 25

What is the response now?

Shaun
I get 220 with the correct domain name.

NG,
And the 250 code is correct too? See if you can get the Non-Delivery report replicated by a user and then if you can post the NDR here that may reveal more information.
I believe the answer is yes.

250-mydomain.com Hello [127.0.0.1]


This is what's coming back:



Your message did not reach some or all of the intended recipients.

       Subject:            test

      Sent:                 6/8/2009 10:59 AM

The following recipient(s) could not be reached:

   
      user@deliveringto.com on 6/8/2009 11:00 AM

            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.

            <mydomain.com #5.5.0 smtp;553 Bogus helo hallmark.com. <http://unblock.secureserver.net/?ip=66.83.X.X>>
If you put your IP address (which I assume is 66.83.x.x) into http://unblock.secureserver.net/

What results do you get?

Are you on this particular block list?

Shaun
Correct on the IP.

http://unblock.secureserver.net/ is a form for submitting the IP and contact information.

I read from the error message that http://unblock.secureserver.net/ believes 66.83.X.X is being incorrectly reported as hallmark.com; won't it continue to get this same information unless I make some type of change?

Sorry nike_golf, I didn't look at the form closely enough.

Verify that your rDNS contains a name that includes "mail", "SMTP", "relay", or "MX". For example: mail.example.com, smtp.example.com, or mx1.example.com.

Have you verified your PTR record for the 66.83.xx.xx IP address? Does it include the words "mail", "SMTP", "relay" or "MX"?

To verify your PTR record for that address do the following:

Open command prompt
type the following:

nslookup
set q=ptr
66.83.xx.xx

The PTR record it displays should end in your domain name (and according to the notes above should include one of those words, but I'm not too convinced this is absolutely essential).
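Shaun's PTR check, as an added Python script that is not from the thread: it looks up the PTR for the public IP, confirms that name resolves back to the same IP, and tests whether it sits under the sender's domain and carries one of the words the unblock form mentions. The IP, host names and EHLO FQDN are placeholders; it runs against a constructed sample when lookup functions are supplied and uses the system resolver otherwise.

```python
import socket

# Placeholder: the EHLO name configured under Servers -> SMTP -> Delivery -> Advanced.
EHLO_FQDN = "mail.mydomain.com"
RDNS_KEYWORDS = ("mail", "smtp", "relay", "mx")  # the words the unblock form asks for


def check_rdns(public_ip, ehlo_fqdn=EHLO_FQDN, ptr_lookup=None, a_lookup=None):
    """Check the PTR record as the post describes, plus forward confirmation.
    The resolvers are injectable so captured data can be checked offline."""
    ptr_lookup = ptr_lookup or (lambda ip: socket.gethostbyaddr(ip)[0])
    a_lookup = a_lookup or socket.gethostbyname
    r = {"ip": public_ip, "ptr": None, "forward_confirmed": False,
         "matches_ehlo": False, "in_sender_domain": False,
         "has_mail_keyword": False, "problems": []}
    try:
        ptr = ptr_lookup(public_ip).rstrip(".").lower()
    except (KeyError, OSError):  # socket.herror / gaierror are OSError subclasses
        r["problems"].append("no PTR record; ask the ISP to create one for the mail server")
        return r
    r["ptr"] = ptr
    # Forward-confirmed rDNS: the PTR name must resolve back to the same IP.
    try:
        r["forward_confirmed"] = a_lookup(ptr) == public_ip
    except (KeyError, OSError):
        pass
    if not r["forward_confirmed"]:
        r["problems"].append("PTR name does not resolve back to %s" % public_ip)
    sender_domain = ".".join(ehlo_fqdn.lower().split(".")[-2:])
    r["matches_ehlo"] = ptr == ehlo_fqdn.lower()
    r["in_sender_domain"] = ptr == sender_domain or ptr.endswith("." + sender_domain)
    if not r["in_sender_domain"]:
        r["problems"].append("PTR is an ISP name, not under %s" % sender_domain)
    r["has_mail_keyword"] = any(k in ptr for k in RDNS_KEYWORDS)
    if not r["has_mail_keyword"]:
        r["problems"].append("PTR name contains none of mail/smtp/relay/mx")
    return r


# Constructed sample mirroring the thread's finding: the public IP's PTR is a
# generic ISP name rather than the mail server's own FQDN.
SAMPLE_IP = "192.0.2.25"
SAMPLE_PTR = {SAMPLE_IP: "192-0-2-25.nw.isp.example."}
SAMPLE_A = {"192-0-2-25.nw.isp.example": SAMPLE_IP, "mail.mydomain.com": SAMPLE_IP}


def sample_report():
    return check_rdns(SAMPLE_IP, ptr_lookup=SAMPLE_PTR.__getitem__, a_lookup=SAMPLE_A.__getitem__)
```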
These are the results of the nslookup.

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator>nslookup
Default Server:  sbs-1.mydomain.local
Address:  10.10.10.10

> set q=ptr
> 66.83.X.X
Server:  sbs-1.mydomain.local
Address:  10.10.10.10

DNS request timed out.
    timeout was 2 seconds.
*** Request to sbs-1.mydomain.local timed-out
>


What is the best way to test the DNS records? I don't have direct access to the DNS server can this be done externally?

Thanks.

NG,
OK,

Try here; http://www.kloth.net/services/nslookup.php

Change Query from A to PTR and type your public IP address.

The results should include your domain name at the very least.

Shaun
DNS server handling your query: localhost
 DNS server's address:      127.0.0.1#53
 
 Non-authoritative answer:
 *** Can't find mydomain.com: No answer
 
 Authoritative answers can be found from:
 mydomain.com
       origin = ns1.bluehost.com
       mail addr = dnsadmin.box569.bluehost.com
       serial = 2009040802
       refresh = 86400
       retry = 7200
       expire = 3600000
       minimum = 300
Also...

 DNS server handling your query: localhost
 DNS server's address:      127.0.0.1#53
 
 Non-authoritative answer:
 mydomain.com
       origin = ns1.bluehost.com
       mail addr = dnsadmin.box569.bluehost.com
       serial = 2009040802
       refresh = 86400
       retry = 7200
       expire = 3600000
       minimum = 300
 mydomain.com      mail exchanger = 10 mail.mydomain.com.
 Name:      mydomain.com
 Address: 66.147.X.X
 mydomain.com      nameserver = ns2.bluehost.com.
 mydomain.com      nameserver = ns1.bluehost.com.
 
 Authoritative answers can be found from:
So you typed your public IP address (not your domain name) where it asks for Domain, changed the Query to PTR and you got the results above?

It looks like you do not have a PTR for your public IP if that is the case, so contact your ISP (who give you your internet connection) and ask them to set up a PTR record for your public IP that points to your mail exchange.

shaun

Sorry, I misread and used my domain name instead... ignore the last 2 posts.

This is using the IP:

 DNS server handling your query: localhost
 DNS server's address:      127.0.0.1#53
 
 Non-authoritative answer:
 X.X.83.66.in-addr.arpa      name = 66.83.X.X.nw.nuvox.net.
 
 Authoritative answers can be found from:
ASKER CERTIFIED SOLUTION by shauncroucher