  • Status: Solved
  • Priority: Medium
  • Security: Public

Domain of sender address does not exist - NDR #5.1.8 smtp;553 5.1.8 generated

Hi,
   I hope you can help me.
   I am running Exchange Server 2003 in my organization. The server sits on the Active Directory server and the DNS Server as well. I have configured my company's domain name ntsoftware.com.my on it so that the emails will go out as user@ntsoftware.com.my.

   I have configured a reverse lookup zone and forward lookup zone correctly for my mail server (with PTR and MX Records) and my mails can go out fine.

  However, when userA sends mails to this particular domain, say domainXYZ.com, the mails bounce back with this error.

<mxserver.ntsoftware.com.my #5.1.8 smtp;553 5.1.8
<userA@ntsoftware.com.my>... Domain of sender address
userA@ntsoftware.com.my does not exist>

  I have gone through many archives but I can't seem to find the answer! Please help!
  Thank you.


Asked:
waiming
 
David Wilhoit Commented:
your domain doesn't seem to be public; what is your public DNS name? If it is public, does the DNS know where to route email for your domain name?

D
 
rhandels Commented:
Hi,

If you need to send mail externally, the domain you use for your e-mail addresses (SMTP that is) needs to be recognized within the DNS naming convention. So the .my needs to go, it should be ntsoftware.com. Only thing is that you need to be the owner of this domain, else, you would need to deposit a new domain name with your ISP and make sure your e-mail addresses get this DNS name (@yourdomain.com). Then, make sure to change the RUS to @yourdomain.com instead of ntsoftware.com.my and you should be good to go (also do a forced update on the RUS and make sure to delete the old e-mail addresses).
 
waiming (Author) Commented:
Hi Kidego,
   My domain's public DNS name is ntsoftware.com.my
   If it is not public, is there a way to make it public? How do I go about that?
   The .my is required because I am from Malaysia and the domain name is registered with MYNIC (Check www.mynic.net) - WHOIS section.
   The IP address that I have set for the domain is 202.75.190.234
   It seems to be a DNS setting and some Reverse Lookup Zone thing.... but I can't be sure. Hope that you can help.

Regards,
waiming
 
David Wilhoit Commented:
you've got your private IP address published publicly, that's the misery. You must be running your own public DNS, and your internal IP address got registered. Go into the IP configuration, and uncheck that box, "register this connection's address in DNS"

D
 
flyguybob Commented:
The problem is that the recipient's mail server likely has an anti-virus package (or the Exchange switch flipped) that performs reverse DNS lookups.  It does not appear that ntsoftware.com.my is a registered sub-domain of .com.my.

http://www.dnsstuff.com/ does not show a listing for ntsoftware.com.my at all.  Assuming that .my is Malaysia, the holder of the .com.my domain would need to list ntsoftware.com.my as a subdomain and set up MX records for you.  DNSStuff does show a listing for ntsoftware.my, but does not show any A records (or MX records), etc.  It may be that this is your domain.

You will need to configure your external DNS servers as well as the internal servers to host the proper domain.  If you own .com.my, then you will need to either create a DOA (Delegate of Authority) to the ntsoftware.com.my domain.  If you do not own .com.my, then you will need to change your recipient policy in Exchange to send/receive @ntsoftware.my.

Note:  If you own ntsoftware.com and ntsoftware.my, then you will need to make a decision on what domain to use as your primary.  You can also set up recipient policies so that some users send out ntsoftware.com and others send out ntsoftware.my.  It's all in the recipient policy config.  You cannot, however, use ntsoftware.com.my unless you own .com.my.

Second: As a design consideration, it is always a bad idea to co-lo Exchange and Active Directory on the same server.  I always have to mention that...but small environments do not always have the luxury to follow best practices and have multiple servers.  Microsoft does make an SBS package as well.
It's also bad to directly expose your Active Directory environment and internal DNS to the Internet.
 
flyguybob Commented:
I double-checked.  Your MX shows an internal address and an external address.  I would suggest setting up your external DNS so that it does not show an internal IP.  There are probably several inexpensive Malaysian DNS services that will host your external DNS.

> set type=mx
> ntsoftware.com.my
Server:  [202.75.190.234]
Address:  202.75.190.234

ntsoftware.com.my       MX preference = 10, mail exchanger = othellomx.ntsoftware.com.my
othellomx.ntsoftware.com.my     internet address = 192.168.1.100
othellomx.ntsoftware.com.my     internet address = 202.75.190.234
 
waiming (Author) Commented:
Hi all,
    The mails will go out to any other domain or any other email addresses except for this particular domain:
    malaysian-re.com.my
    The error that occurred is as I have mentioned. Microsoft says nothing about that error though.
    Kidego, I have unchecked "register this connection's address in DNS" but to no avail.
   Please advise.
   Thanx and really appreciate this.

waiming
 
David Wilhoit Commented:
Well, you need to remove the public DNS records from your AD, this is really bad practice, as flyguybob mentioned. How soon can you get another DNS server up; just a box with W2K3 and DNS? This would host your public records, and this needs to happen fairly soon.

http://www.dnsreport.com/tools/dnsreport.ch?domain=ntsoftware.com.my+++++

As you can see, lots of issues with your DNS. If you can't build a new server, you need to build a separate primary DNS zone for ntsoftware.com.my, holding only the external IP addresses. But in reality, get a new box for external DNS or have someone host your DNS (better idea)

D