Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 319
  • Last Modified:

Exchange 2000, cant send mail to aol users

Hi, all mail that we send from our company is blocked by AOL.  I am working to fix this problem but am having a tough time.  Hoping someone has had this same issue and can provide some insight.  At this point I feel the problem is because when performing a reverse DNS lookup of our IP, it fails.  This is why I think we cannot send mail to AOL users.  Our system is setup like this.  I am going to use fake info but hopefully you can understand:

Domain: test.com
mail.test.com = x.x.x.30

x.x.x.30 is nat'd to an internal ip that is our spam filter. its then forwarded to our exchange server.
now the exchange server is nat'd to x.x.x.2
I am not too familiar with all of this so my terms maybe used incorrectly and I apologize ahead of time for that.  I can provide any additional info that is needed, Thanks
0
RHNOC
Asked:
RHNOC
  • 6
  • 5
  • 4
2 Solutions
 
SembeeCommented:
If you don't have a reverse DNS then you will be unable to send to AOL.

Thats it.

AOL block on a lot of items, but if you fail the most basic test, then your server will be blocked.

You will need to configure an SMTP Connector to send email through your ISPs SMTP Server.
http://www.amset.info/exchange/smtp-connector.asp

Put your domain name in to dnsreport.com and see what other errors it comes up with.

Simon.
0
 
ExchgenCommented:
AOL does reverse DNS all you have got it rite....

Let me give you a workaround to get your issue fixed real quick...

Send a blank email to ipconfirm@mailtest.mx.aol.com.

You would get a response back with the IP AOL is seeing when your server is trying to connect... Create a reverse pointer for that IP and wait for 24 to 48 hours.

Take my word THIS WILL FIX IT...

:)

Raghu
0
 
RHNOCAuthor Commented:
Sembee - Your solution seems to be a work around for people that are using DSL or have a dynamic IP.  We are using a T1 with a static IP.  Thanks for you help on this matter.  I would like to correct this the proper way.  I'm not saying yours isn't, all I am saying is I want to correct the reverse DNS problem.  

Raghu - I sent a blank email to the address you specified.  I received the IP that the server is using.  Its the one that I thought. The x.x.x.2.  Now you mentioned create a reverse pointer for that IP.  Where or who do I do that through?  Do I do that on my DNS server.  Or do I contact the company hosting my Domain name?  Sorry for my lack of knowledge on this matter.  Thanks to both of you for your help.  Its greatly appriciated.
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
SembeeCommented:
Your reverse DNS is setup by your ISP. If they tell you otherwise, ask to speak to someone who has a clue.
Preferably it should match the forward DNS and what is in the SMTP Banner

http://www.amset.info/exchange/dnsconfig.asp

My solution works for anyone who doesn't have their DNS setup correctly.

Simon.
0
 
RHNOCAuthor Commented:
Thanks for you quick response and help simon.  I want to get my DNS setup correctly.  So just so that I have this clear.  Currently mail.test.com points to x.x.x.30, and thats correct and working, but I need to have x.x.x.2 reverse point to mail.test.com?  Is that correct?  Wouldn't that cause problems?  Thanks again... :)
0
 
SembeeCommented:
If the Exchange server appears to come from x.x.x.2 then that needs to have a reverse DNS set.

This site will tell you what the Exchange server appears to be to the internet: http://checkip.dyndns.org/

Simon.
0
 
ExchgenCommented:
Jive...

You can get in to the properties of default virtual smtp server and check the FQDN mentioned there... It would normally say servername.addomainname.com (or local, net etc).

Change that to reflect what you have your MX configured as, say mail.yourdomain.com (in the internet).

Add a local "A" record for mail.yourdomain.com (local DNS server) pointing to the internal IP address of the server.

Ask your ISP to create a PTR for mail.yourdomain.com corrosponding to the IP that AOL captured from your end.

Wait for the sun to rise tomorrow and all should be fine... :)

Raghu
0
 
RHNOCAuthor Commented:
I want to thank both of you for helping me on this matter.  Your info is helpful, I just am not very familiar with all of this so I don't understand some of the things your are saying.  I understand that I need to get the reverse look up corrected.  I am just confused how the dns works when mail.yourdomain.com points to x.y.z.30, but does x.y.z.2 need to point to mail.yourdomain.com?  If so, does that cause problems being that mail.yourdomain.com is associated with two different IP's?  Or can that work because they are 2 different records?  Thats what I am confused about.  I maybe incorrect with even what i'm talking about right now. :)  Thats why i'm looking to you to genius's for direction. Thanks again guys. :)
0
 
ExchgenCommented:
Some wise man said, "It's Never too late to learn". ;)

Q. What is it that AOL is looking for?

A. Connecting IP of the sender server should have a valid DNS entry which validates the existance of that domain.

Q. Can i have my MX as mail.mydomain.com and the sender IP resolving back to mail.mydomain.com even if my actual MX points to a different IP?

A. Yes we can have different IP for MX (inbound) and different IP for outbound. All that AOL wants is an IP with an identity.

Q. Why have MX as mail.mydomain.com and connecting FQDN same?

A. Its easy to manuplate to achieve the results, you can create a reverse PTR pointing to the existing FQDN of the server. Its wise and clutter free if we have one    FQDN and multiple "A" or "PTR" records resolving to the single FQDN.

Raghu
0
 
RHNOCAuthor Commented:
Ok lets see if i've got this.  so my FQDN is mail.mydomain.com
MX record is my receiving mail DNS name.
My FQDN points to one IP, but I can have multiple IP's point to my FQDN.

So all I need to do is contact the company hosting my FQDN.  Have them create a PTR that says x.y.z.2 = mail.mydomain.com.  Wait for that to filter to all the Name servers.  And wala. Its golden??? :)

PS.  If a MX record is for mail, right?  Then whats the difference between an A record and a PTR record?  Thanks so much :)
0
 
SembeeCommented:
An MX record is mail exchanger and is always a host.
An A record is a host, it converts a name to an IP address.
A PTR record (aka reverse DNS) converts an IP address to a name.

You can have multiple A records pointing to an IP address, but only one PTR record per IP.

When I setup clients with multiple IP addresses, I always get the ISP to put reverse DNS on to all the IPs. Usually something original like office1.domain.com, office2.domain.com, office3.domain.com etc. Then get the ISP to change the reverse DNS as it is used for something more permanent.

Simon.
0
 
RHNOCAuthor Commented:
So all I need to do is contact the company hosting my FQDN.  Have them create a PTR that says x.y.z.2 = mail.mydomain.com.  Wait for that to filter to all the Name servers.  And wala. Its golden??? :) Its not something I change on my DNS servers correct?

also I could have ptr records like this?
x.y.z.3 = mail.mydomain.com
x.y.z.4 = mail.mydomain.com
x.y.z.5 = mail.mydomain.com

Thanks again for your patience.  And patience you do have. :)
0
 
ExchgenCommented:
:)

Always here to help!!!

Raghu
0
 
RHNOCAuthor Commented:
Oh one more question, :)  We have about 100 pc's. We nat all of them to x.y.z.2.  the exchange server also goes out over this same IP.  Should I setup a new nat for the exchange server so that is has a new ip?  like x.y.z.3???  Thanks again guys.
0
 
SembeeCommented:
Where there are available IP addresses, I like Exchange to have its own IP. The workstations get their own IP address which has nothing on it for inbound traffic to use - so anyone looking for something on that IP doesn't find anything.

Simon.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 6
  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now