Helo command rejected: Host not found

A colleague sent a message to beijinglaborie@sina.com and received the message below.  I am not sure if the problem is with our mail server or with theirs.  And if the problem is with our mail server then how do I fix it?

From: System Administrator
Sent: April 18, 2006 5:07 PM
To: beijinglaborie@sina.com
Subject: Undeliverable: FW: TUB219

Your message did not reach some or all of the intended recipients.

      Subject:      FW: TUB219
      Sent:      18/04/2006 4:33 PM

The following recipient(s) could not be reached:

      beijinglaborie@sina.com on 18/04/2006 5:07 PM
            You do not have permission to send to this recipient.  For assistance, contact your system administrator.
            <lab-mail1.laborie.com #4.7.1 smtp;450 4.7.1 <lab-mail1.laborie.com>: Helo command rejected: Host not found>
rtchristieAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

LeeDerbyshireCommented:
Try the DNS Report test at www.dnsreport.com .  It may reveal that your domain has no RDNS or SPF, or something like that.  Normally, this wouldn't be a problem, but some domains are starting to insist on it.
0
rtchristieAuthor Commented:
I ran our domain (laborie.com) through dnsreports and I did see some warnings but I was not really sure on what if anything I needed to do.  One of the warnings was regarding the lack of an SPf record.  How do I create an SPF record? Is it through our ISP or is it a setting in exchange server?
0
ECNSSMTCommented:
or you may want to verify that the mailbox you are sending to is valid.  
beijinglaborie@sina.com did reply so the distant end is operating to a degree.

I wonder if the distant end is being used as a relay to lab-mail1.laborie.com and there are problems on the lab-mail1.laborie.com  end.

Regards,
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

rtchristieAuthor Commented:
There is also another warning from DNS reports regarding Mail server host name in greeting.  I would think that this is causing the problem since it specifically mentions HELO.  The warning references ntmain.laborie.com which was our old mail server, we recently switched (in Oct. 2005) to Exchange 2003 and our mail server is now lab-mail1.  Is it possible that I need to update the information somewhere to lab-mail1 intead of ntmain?
0
LeeDerbyshireCommented:
Whoever maintains your authoritative DNS record will need to add the SPF record .  There is a wizard to create the actual text at http://www.openspf.org .  Most people don't yet have SPF records, so only a really fanatical admin would block your email because of that - but it is still one possibility.
0
ECNSSMTCommented:
check out www.dnsstuff.com again, I don't see a MX or A record for lab-mail1.laborie.com.
0
rtchristieAuthor Commented:
I am a little unfamiliar on DNS and Mx records (and many other things) so forgive my ignorance here.   If you enter just laborie.com then their is an mxrecord but it comes back with ntmain.laborie.com (our old no longer running mail server), not lab-mail1.laborie.com (the new and much better mail server).  Does that mean that I need to contact the company that maintains our domain and update the mx record? Do I also need to have them create an mx record for lab-mail1.laborie.com?
0
ECNSSMTCommented:
It sounds like it. Either the SMTP relay knows specifically where to forward the email to (I assume that  beijinglaborie@sina.com is doing relay service) or it is using DNS to resolve lab-mail1.laborie.com via a MX or A record then send it.  If the latter is the case, talking to your ISP to change the record from ntmain.laborie.com to lab-mail1.laborie.com would be the best thing to do.

Regards,
0
LeeDerbyshireCommented:
It doesn't really matter what you internal DNS server names are, but it will help if you get the server to announce the same name as your MX records contain.  Look at the properties of your Default SMTP Virtual Server in ESM, and click the Delivery tab, then the Advanced button.  If the Fully-qualified Domain Name field is empty, then it may help to put the name from your MXrecord in there, so that the rest of the world knows that it's the same server.
0
rtchristieAuthor Commented:
The fully-qualified domain name field was not empty, it had lab-mail1.laborie.com in it so it looks lik updating the record from ntmain.laborie.com to lab-mail1.laborie.com wouldb be the way to go.  Thanks.
0
LeeDerbyshireCommented:
It's worth a try.  Your MX records simply supply a name that gets mapped to your IP address.  This input field tells your server how to introduce itself.
0
rtchristieAuthor Commented:
I am still interested in finding a solution.  On DNS reports, I receive the following warning.  I am not sure if this is related to the problem or not.  The warning is "Mail server host name in greeting" and the description of the warning is "One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). If your mailserver sends out E-mail using this domain in its EHLO or HELO, your E-mail might get blocked by anti-spam software. This is also a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server. Note that this one test may use a cached DNS record.

lab-mail1.laborie.com claims to be invalid hostname 'SMTP':
   220 SMTP service ready
0
LeeDerbyshireCommented:
If the FQDN field definitely contains 'lab-mail1.laborie.com', then I can only imagine that you have a hardware firewall stripping the server name out of the greeting.  This also is quite common.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rtchristieAuthor Commented:
We do have a firewall.  I got some help setting it up so it is possible that it was setup this way.  Glad to hear that it is a common setup.  Thanks.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.