can yyou help me troubleshoot a bounced back E-mail with NDR report?

Posted on 2007-10-12
Last Modified: 2008-01-09
All emaisl sent from our domain ( are being rejected by  domain
we have done some troubleshooting at our end, like sending emails to other domains and the emails go through successful.  I sent a few test messagess to from my gmail and yahoo personal accounts and all went successfully.  The problem is that is rejecting all emails sent from

here is the warning message that i get

    **      THIS IS A WARNING MESSAGE ONLY      **

The original message was received at Thu, 11 Oct 2007 23:37:27 -0400 from [] (may be forged)

   ----- Transcript of session follows -----
451 4.4.1 reply: read error from
<>... Deferred
Warning: message still undelivered after 4 hours Will keep trying until message is 5 days old

also, i get an attachement with the following information:

Reporting-MTA: dns;
Arrival-Date: Thu, 11 Oct 2007 23:37:27 -0400

Final-Recipient: RFC822;
Action: delayed
Status: 4.4.2
Last-Attempt-Date: Fri, 12 Oct 2007 05:52:33 -0400
Will-Retry-Until: Tue, 16 Oct 2007 23:37:27 -0400

also, our webhosting company who is responsible for routing our external emails did some trobleshooting  and here are the results:

Oct 11 13:25:08 host4 milter-greylist: l9BLP8gG006515: skipping greylist because address is whitelisted, (from=<>, rcpt=<>, addr=

Oct 11 13:25:11 host4 sendmail[6526]: l9BLP8gG006515: to=<>, delay=00:00:03, xdelay=00:00:03, mailer=esmtp, pri=30383, [], dsn=4.0.0, stat=Deferred: Connection reset by

Oct 11 13:32:35 host4 sendmail[21887]: l9BLP8gG006515: to=<>, delay=00:07:27, xdelay=00:00:00, mailer=esmtp, pri=120383, [], dsn=4.0.0, stat=Deferred: Connection reset by

can you help me troubleshoot this issue
Question by:winperez
    LVL 58

    Expert Comment

    If it's only for one domain, and all other mail is flowing in ant out fine, then you will need to contact the system administrator at the other end as they sound like they are ones with the issue.


    Author Comment

    i did contact them and asked to check their mail filter. They were saying that it is a problem at our end, but it's not possible. I just wanted to have a second opinion.

    thanks for your help.
    LVL 2

    Expert Comment

    I'll take a stab --  It is a little bit of both.  They are likely rejecting you because the forward and the reverse lookup for the mail server don't match (for anti-spam).  Are you relaying through your provider?    That is, what is the domain of host4 (the one with sendmail running on it)?

    You have 2 MX listed, and  The IP address for internal points to just the domain ( and not the full name.  is host4 the same as internal?

    LVL 2

    Expert Comment

    I think that I have found a possible source for your problems.
    Since the server you are trying to access use some antispam called milter you should check this website to see what milter dose.
    At this point I would be concerned about the call back technique described for milter sender.
    Also I think that the main issue here is that your emails originate from a server that is not accessible
    This is why you are getting "may be forged" in the warining, then probably your hostname/ip is passed to a grey list and your messages gets delayed by milter-gris.
    I think that you should make all outgoing mail to look as originating from,
    the MX record seems a little useless since the server can't be accessed (this unless it is there for a very good reason).
    LVL 2

    Accepted Solution

    iliecz commented "the server you are trying to access use some antispam called milter."

    1.  iliecz, the milter comes from winperz's relay provider's server
    2.  milter is not an anti-spam per se, milter is a set of programmatic hooks for sendmail.

    However, the problem:  The message is sending as [], but coming from (  It is common practice to do what is called a reverse lookup (this is where the recipient's server check where you say your are coming (, but the IP address is from somewhere else ( and rejecting the message if the MX record, and the PTR record don't match.

    I am curious, why are you relaying your e-mail through when you have a server (Internal) capable of sending mail? -T

    Author Comment

    thanks guys,

    we made some changes on the sonicwall firewall
    on the "Send Email (SMTP) we changed the source from "the webhosting IP" any

    as i mentioned at the beginning of my question, we were able to send emails to all other domains except  all your comments, especially the milter filter information were very helpful.

    thank you all

    Author Comment

    According to my colleague, the reason for us relaying the emails through  is that one time a hacker got to our system using the smtp port. would there be a way to secure the system from withing the sonicwall?

    Featured Post

    Want to promote your upcoming event?

    Are you going to an event? Are you going to be exhibiting at a tradeshow? Talking at a conference? Using a promotional banner in your email signature ensures that your organization’s most important contacts stay in the know and can potentially spread the word about the event.

    Join & Write a Comment

    Set OWA language and time zone in Exchange for individuals, all users or per database.
    Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
    The purpose of this video is to demonstrate how to set up a Mailchimp Template which will let the user create a uniform look for all of their campaigns. This will be demonstrated using a Windows 8 PC. Mailchimp will be used. Log into your Mail…
    The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now