Link to home
Create AccountLog in
Avatar of Biziteks
Biziteks

asked on

Problem sending to cfl.rr.com domain

I am running Windows 2003 SBS w/ Exchange 2003

Heres the deal.

About 3 weeks ago my users started complaining about getting kickbacks whenver they tried to email any @cfl.rr.com addresses. They were receiving the "Relaying Delayed" message and then eventually a NDR failure report.

I looked into the issue and noticed they did not have a valid reverse PTR so I set that up, I called up RR and told them I had fixed they problem and they informed me that my IP has never been on any blocklist of theres and I should be having no problems emailing them.

Researching further into the problem I realized that due to NAT'ng my exchange server is actually sending out on a diffrent IP than I setup the PTR for, so I attempted to set up a PTR for the correct IP, yet still continue to recieve errors and RR still denies that I am on any blocklist.

I have been bashing my head against the wall trying to figure this out and am getting nowhere. Here is the information I have

the IP which I RDC into the server is 72.17.255.130 (mail.rclawpa.com)

the IP which all the mail appears to be coming from is 72.17.255.61 (this is also what shows up when I go to www.whatsmyip.com)

This is the original kickback

This is an automatically generated Delivery Status Notification.

THIS IS A WARNING MESSAGE ONLY.

YOU DO NOT NEED TO RESEND YOUR MESSAGE.

Delivery to the following recipients has been delayed.

       admin@cfl.rr.com

Which is followed up about a day later by this kickback

Your message did not reach some or all of the intended recipients.

Subject: test
Sent: 3/23/2006 3:41 PM

The following recipient(s) could not be reached:

  admin@cfl.rr.com on 3/25/2006 3:42 PM
  Could not deliver the message in the time limit specified. Please retry or contact your administrator.
  <rcserv1.rclawpa.local #4.4.7>

This is what I get when I try to telnet to clmboh-01.mgw.rr.com (cfls mail server)
220-clmboh-mx-02.mgw.rr.com ESMTP
220 Welcome to Road Runner.  NO UCE *** FOR AUTHORIZED USE ONLY! ***  Please Fix
 your Reverse DNS ***

Here is the correspondence between me and the RR security tech

Message came from IP address 72.17.254.61, James:

> Received: from rcserv1.rclawpa.local (72-17-254-61.orl.fdn.com
>     [72.17.254.61] (may be forged))
>         by security.rr.com (8.12.9/8.12.6) with ESMTP id k2NKdOND017647
>         for <therr@security.rr.com>; Thu, 23 Mar 2006 15:39:28 -0500 (EST)

Not blocked here, and never has been in our internal block list, so
far as I can tell:

  http://security.rr.com/cgi-bin/block-lookup?72.17.254.61

However, per our rate limiting policy, this IP would be limited to 10
recipients per hour, as it resolves to a name that not only does not
resolve back to the IP, the name doesn't resolve at all:

  # host 72.17.254.61
  61.254.17.72.in-addr.arpa domain name pointer 72-17-254-61.orl.fdn.com.

  $ host 72-17-254-61.orl.fdn.com
  Host 72-17-254-61.orl.fdn.com not found: 3(NXDOMAIN)

  http://security.rr.com/spam.htm#ratelimit

Get your ISP to create a DNS 'A' record for 72-17-254-61.orl.fdn.com,
resolving to 72.17.254.61, and you should be in better shape.


On Thu, 23 Mar 2006, at 15:39, Administrator wrote:

> Hey Todd,
> Here is an email from the affected server.
>
> Thanks for your help.
>
> -James
>
> ________________________________
>
> From: James Hart [mailto:jhart@biziteks.com]
> Sent: Thu 3/23/2006 3:33 PM
> To: Administrator
> Subject: FW: [BLOCKINFO] Email being blocked
>
>
>
>
>
> -----Original Message-----
> From: Todd Herr [mailto:therr@security.rr.com]
> Sent: Thursday, March 23, 2006 10:44 AM
> To: James Hart
> Subject: Re: [BLOCKINFO] Email being blocked
>
> Hello, James.
>
> I can't see any issues with IP address 72.17.255.130; it's not now,
> nor has it ever been, in a block list the content for which is under
> Road Runner's control:
>
>   http://security.rr.com/cgi-bin/block-lookup?72.17.255.130
>
> The error message below "Please Fix your Reverse DNS" is one that
> our servers would generate if the reverse DNS record for the IP
> connecting to them resolved to a name ending in 'in-addr.arpa'; this
> IP doesn't seem to be so afflicted:
>
>   # host 72.17.255.130
>   130.255.17.72.in-addr.arpa domain name pointer mail.rclawpa.com.
>
> Have you taken steps to get this IP's PTR record updated between
> the time you sent the message below and now?  If not, can you please
> send me a message from the server having issues?  My mailbox refuses
> mail from no one, regardless of the block status or PTR record of
> the server.
>
> On Thu, 23 Mar 2006, at 09:19, James Hart wrote:
>
> > Our company is experiencing kickbacks whenever we try to email a
> > @cfl.rr.com address. I noticed that we did not have a reverse DNS
> setup
> > and got that all fixed. However, We still are receiving the kickbacks.
> > Here is the information I gleaned from telnetting to your mail
> servers.
> >
> >
> >
> >  220-orngca-mx-10.mgw.rr.com ESMTP
> >
> > 220 Welcome to Road Runner.  NO UCE *** FOR AUTHORIZED USE ONLY! ***
> > Please Fix
> >
> >  your Reverse DNS ***
> >
> >
> >
> > The IP I am trying to connect from is 72.17.255.130 and the domain is
> > mail.rclawpa.com
> >
> >
> >
> > Please let me know if there is any problem remaining that we need to
> > take care of.
> >
> > James Hart



Sorry this post is so long but I wanted to inclue all information I have gleaned from this problem so far, Any help is much appreciated
Avatar of Biziteks
Biziteks

ASKER

Also this is the ONLY domain that I am having problems emailing, every other one works just fine, including AOL which is known to be a pain to get working.
ASKER CERTIFIED SOLUTION
Avatar of Sembee
Sembee
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer