RDNS Failed
Hi,
I am running Exchange 2003 on windows 2003 server. Mails are sent from our server to our spam server (Interscan messaging Trend). The problem is that some emails are being held in the retry queue because of a message saying RDNS failed. The exact message is below
from dubex2003.cognotec.com ([10.152.25.90]RDNS failed) by
and the log says DNS query or connect server fail. no branch
This only happens on some emails, and I can verify the sender and recipients email address is correct.
any help on this would be great.
thanks very much
I am running Exchange 2003 on windows 2003 server. Mails are sent from our server to our spam server (Interscan messaging Trend). The problem is that some emails are being held in the retry queue because of a message saying RDNS failed. The exact message is below
from dubex2003.cognotec.com ([10.152.25.90]RDNS failed) by
and the log says DNS query or connect server fail. no branch
This only happens on some emails, and I can verify the sender and recipients email address is correct.
any help on this would be great.
thanks very much
I think we might need a bit more info here - the IP address you listed is a private IP/internal IP address and wouldn't have a reverse DNS entry associated with it directly.
The entry dubex2003.cognotec.com resolves to 193.95.173.67.
Doing a check for the reverse entry for this doesn't provide a result.
Your next step should be finding out who can set up the reverse dns entries for the 193.95.173.64 - 193.95.173.127 subnet. Looks like it should be somebody at Cognotec from the whois information for that netblock.
You are probably seeing the failures because not all mail servers reject mail that comes from a server without a reverse DNS entry. Try sending to AOL addresses and you will find that every message gets rejected as they do not accept any mail without a reverse DNS entry for its sending server.
Try doing some testing with http://dnsstuff.com for the reverse entries to make sure you get them setup correctly.
The entry dubex2003.cognotec.com resolves to 193.95.173.67.
Doing a check for the reverse entry for this doesn't provide a result.
Your next step should be finding out who can set up the reverse dns entries for the 193.95.173.64 - 193.95.173.127 subnet. Looks like it should be somebody at Cognotec from the whois information for that netblock.
You are probably seeing the failures because not all mail servers reject mail that comes from a server without a reverse DNS entry. Try sending to AOL addresses and you will find that every message gets rejected as they do not accept any mail without a reverse DNS entry for its sending server.
Try doing some testing with http://dnsstuff.com for the reverse entries to make sure you get them setup correctly.
ASKER
thank you very much for your responce,
It is a variety of domains that emails are failing to for example rcsi.com and standardlife.ie , but not all domains, most messages do get out.
the exchange server is 10.152.25.25 which is an internal ip and server sitting behind FW
the spam filter sits in our dmz and has an ip address of 193.95.173.98 server name mail.cognotec.com
our ISP provider is esat and we have verified that we have a reverse lookup for 193.95.173.98 to mail.cognotec.com
i was able to send a mail no problem to info@aol.ie
Thanks again, if there are any other ideas about the problem it would be much appriciated.
It is a variety of domains that emails are failing to for example rcsi.com and standardlife.ie , but not all domains, most messages do get out.
the exchange server is 10.152.25.25 which is an internal ip and server sitting behind FW
the spam filter sits in our dmz and has an ip address of 193.95.173.98 server name mail.cognotec.com
our ISP provider is esat and we have verified that we have a reverse lookup for 193.95.173.98 to mail.cognotec.com
i was able to send a mail no problem to info@aol.ie
Thanks again, if there are any other ideas about the problem it would be much appriciated.
That does make the situation a bit different then.
One thing that I want to make sure on - the dubex2003.cognotec.com is on an internal IP address, but has an external IP as well of 193.95.173.67. Are you certain that it is actually funneling all the emails through the spam server rather than sending a few directly out from the Exchange server?
The Exchange server doesn't have reverse dns setup (and shouldn't need it), so if that happened it might explain why only a few emails fail.
I would also check exactly what the spam gateway is reporting for DNS entries. Specifically what does it say is the name/IP address for the Exchange server, and for some of the bounced entries.
One thing that I want to make sure on - the dubex2003.cognotec.com is on an internal IP address, but has an external IP as well of 193.95.173.67. Are you certain that it is actually funneling all the emails through the spam server rather than sending a few directly out from the Exchange server?
The Exchange server doesn't have reverse dns setup (and shouldn't need it), so if that happened it might explain why only a few emails fail.
I would also check exactly what the spam gateway is reporting for DNS entries. Specifically what does it say is the name/IP address for the Exchange server, and for some of the bounced entries.
Normally for exchange to send directly to another site would need to have that specified as mail domain in exchange (assume have forward all mail to smart host) set for forwarding to spam server. Only possible exception would be where have existing connection for incoming mail when exchange wanted to send to same site (Not sure on this one just a possible idea) - ?? does exchange server accept incoming mail directly ?? or only via spam server.
May be useful to look at full headers on rejected mail - "options" on Outlook - may give more clues as to what is happening, and route of messages that are failing.
May be useful to look at full headers on rejected mail - "options" on Outlook - may give more clues as to what is happening, and route of messages that are failing.
ASKER
hi,
Exchange has only an internal IP. All mail is routed through our spam filter (both inbound and outbound). the spam gateway has the correct details for the exchange server.
thanks
Exchange has only an internal IP. All mail is routed through our spam filter (both inbound and outbound). the spam gateway has the correct details for the exchange server.
thanks
Have checked mail settings for two sites you mentioned.
rcsi.com - no mail server defined - set to dev.null
standardlife.ie - 3 mail servers defined 2 relay servers on priority 5, and one backup server with two different DNS on priority 15, and priority 1000, have seen this sort of setup fail if relay servers are busy, and mail goes to backup. Would expect if this is problem that mail for standardlife usually goes through, but occasionally fails - may succeed on retry.
Suspect from this, that problem is not at your end at all, but at receiving end.
rcsi.com - no mail server defined - set to dev.null
standardlife.ie - 3 mail servers defined 2 relay servers on priority 5, and one backup server with two different DNS on priority 15, and priority 1000, have seen this sort of setup fail if relay servers are busy, and mail goes to backup. Would expect if this is problem that mail for standardlife usually goes through, but occasionally fails - may succeed on retry.
Suspect from this, that problem is not at your end at all, but at receiving end.
ASKER
I didnt mention any sites did I? Maybe I'm getting confused here.
But our dns server ip address were 192.111.39.1 and 192.111.39.4
and we changed our second dns server to 159.134.237.6, just incase the problem was the dns resolution.
the server routes traffic through its web facing ip address of 193.95.173.98
The problem is that the emails are sitting in our retry queue and even if I request items to be resent at a later date the emails dont leave the retry queue.
thanks
But our dns server ip address were 192.111.39.1 and 192.111.39.4
and we changed our second dns server to 159.134.237.6, just incase the problem was the dns resolution.
the server routes traffic through its web facing ip address of 193.95.173.98
The problem is that the emails are sitting in our retry queue and even if I request items to be resent at a later date the emails dont leave the retry queue.
thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Can you tell us if the failing messages are all sent to the same domain(s)?
/RID