Solved

#5.5.0 smtp;550  Delivery failed - HELO Name for IP Address 1.1.1.1 was "[1.1.1.1]"

Posted on 2006-06-15
9
688 Views
Last Modified: 2008-02-01
I have been dealing with being put on a CBL list and I finally got in touch with them and found out the problem. Our HELO message is incorrect. It is using the IP Address rather than the FQDN.

Using Exchange Server 2003 Sp2, windows server 2003.

I have put in the FDQN in exchagen which would seem to solve the problem here.  I also tested ehlo and helo messages by telnet and it shows the correct FQDN that matches the MX record.   PULLING MY HAIR OUT!!!!

Also behind a symantec gateway security firewall.   HELP!

I have contacted my ISP because there are 2 PTR records in DNS, but I do not think this should cause the problem, should it?

"You have more than one PTR record for 1.1.1.1.  This is legal, but most programs will only use
the first PTR record listed (which may vary)."

the 1st one is our static IP (1.1.1.1.dia.static.qwest.net), while the second is the FQDN
0
Comment
Question by:bberdel
  • 5
  • 4
9 Comments
 
LVL 104

Accepted Solution

by:
Sembee earned 125 total points
ID: 16913388
It is probably your Symantec product that is issuing the wrong banner.
Go to dnsreport.com and put in your domain. That will show you what the internet sees.

Simon.
0
 

Author Comment

by:bberdel
ID: 16913461
DNS report looks ok to me.
What can you do to a firewall to change that?  I ahve heard of problems with cisco pix, but that is it.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16913553
Does the banner show the name of the server correctly?
The dual PTR records could be causing a problem. As far as I am concerned PTR records are 1:1 - so I would ask the ISP to remove the other one.

No idea on the firewall, I don't deploy Symantec products as they tend to cause more problems than they fix.

Simon.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:bberdel
ID: 16913578
Thanks for the response.  Yes the banner does show correct name when I do telnet tests.  I have asked our ISP to remove the other one. Actually asked them 5 hours ago... No repsonse yet.   Also have a cisco ASA on the way.   Tough problem becasue it seems as though I am doing everything right...
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16913711
What are you telnetting to?
The Exchange server from inside?
The telnet test isn't valid unless you try it from outside. That is often difficult unless you have a second internet connection, which is why I suggest the dnsreport.com web site.

Simon.
0
 

Author Comment

by:bberdel
ID: 16913744
yes from the inside.   if you want to check the report domain name is mcmtrans.com

thanks again
0
 

Author Comment

by:bberdel
ID: 16913801
I think I fixed the issue.   DNS record on firewall. If that is correct I will award you the points.   thanks 4 your help.
0
 

Author Comment

by:bberdel
ID: 16913933
Actaully it was the 2 PTR records.   It just took a little while to work and I thought it was the DNS record I added to the firewall.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 16914028
Lovely. You have to be so careful with DNS, if it isn't right then people will blacklist you.

Simon.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question