carlkelley
asked on
How to fix delivery errors for email sent to a second domain on the same Exchange 2007 server?
I have recently installed Exchange 2007 connected to the Internet via a dedicated DSL line with static IP addresses 209.232.123.250-209.232.12
My Exchange 2007 server receives emails for two different domains. Exchange can receive mail for the first. Exchange can receive internal mail for the second. But, my Exchange Server can NOT receive EXTERNAL email addressed to my second domain due to the following delivery errors:
--------------------------
The attached message had PERMANENT fatal delivery errors!
After one or more unsuccessful delivery attempts the attached message has been removed from the mail queue on this server. The number and frequency of delivery attempts are determined by local configuration parameters.
YOUR MESSAGE WAS NOT DELIVERED TO ANY OF IT'S RECIPIENTS!
Failed address: ckelley@MySecondDomainName
--- Session Transcript ---
Thu 2007-10-11 12:44:54: Parsing message <xxxxxxxxxxxxxxxxxx\pd3500
Thu 2007-10-11 12:44:54: * From: carl@test.com Thu 2007-10-11 12:44:54: * To: ckelley@MySecondDomainName
Thu 2007-10-11 12:44:54: Attempting SMTP connection to [MySecondDomainName.com] Thu 2007-10-11 12:44:54: Resolving MX records for [MySecondDomainName.com] (DNS Server: 198.6.1.1)...
Thu 2007-10-11 12:45:03: * DNS: 10 second wait for DNS response exceeded (attempt 1 of 3) Thu 2007-10-11 12:45:03: Resolving MX records for [MySecondDomainName.com] (DNS Server: 216.139.32.33)...
Thu 2007-10-11 12:45:03: * Name server has no records of the requested type for that domain Thu 2007-10-11 12:45:03: Attempting SMTP connection to [MySecondDomainName.com:25
Thu 2007-10-11 12:45:03: * Name server has no records of the requested type for that domain
--- End Transcript ---
: Message contains [1] file attachments
--------------------------
How do I fix these delivery errors? Is this an MX record problem? If so, what should I tell my ISP DNS Administrator to do?
My Exchange 2007 server receives emails for two different domains. Exchange can receive mail for the first. Exchange can receive internal mail for the second. But, my Exchange Server can NOT receive EXTERNAL email addressed to my second domain due to the following delivery errors:
--------------------------
The attached message had PERMANENT fatal delivery errors!
After one or more unsuccessful delivery attempts the attached message has been removed from the mail queue on this server. The number and frequency of delivery attempts are determined by local configuration parameters.
YOUR MESSAGE WAS NOT DELIVERED TO ANY OF IT'S RECIPIENTS!
Failed address: ckelley@MySecondDomainName
--- Session Transcript ---
Thu 2007-10-11 12:44:54: Parsing message <xxxxxxxxxxxxxxxxxx\pd3500
Thu 2007-10-11 12:44:54: * From: carl@test.com Thu 2007-10-11 12:44:54: * To: ckelley@MySecondDomainName
Thu 2007-10-11 12:44:54: Attempting SMTP connection to [MySecondDomainName.com] Thu 2007-10-11 12:44:54: Resolving MX records for [MySecondDomainName.com] (DNS Server: 198.6.1.1)...
Thu 2007-10-11 12:45:03: * DNS: 10 second wait for DNS response exceeded (attempt 1 of 3) Thu 2007-10-11 12:45:03: Resolving MX records for [MySecondDomainName.com] (DNS Server: 216.139.32.33)...
Thu 2007-10-11 12:45:03: * Name server has no records of the requested type for that domain Thu 2007-10-11 12:45:03: Attempting SMTP connection to [MySecondDomainName.com:25
Thu 2007-10-11 12:45:03: * Name server has no records of the requested type for that domain
--- End Transcript ---
: Message contains [1] file attachments
--------------------------
How do I fix these delivery errors? Is this an MX record problem? If so, what should I tell my ISP DNS Administrator to do?
ASKER
I went to the zmailer link that you provided and entered an email address that works for internally-generated email and got the same results from three different remote servers:
--------------------------
MX-VERIFY-CGI run for ``support@MySecondDomain.c
--------------------------
Doing resolver lookup for T=MX domain=``MySecondDomain.co
DNS yields following MX entries
MySecondDomain.com (7200s) IN MX 10 staff.MyFirstDomain.com
Only one MX record...
Well, no backups, but as all systems are looking for MX record in every case, not bad..
--------------------------
Testing MX server: staff.MyFirstDomain.com
Address lookup did yield following ones:
IPv4 209.232.123.253
Testing server at address: IPv4 209.232.123.253
ERROR: Connect failure reason: Connection timed out
(Still possibly all OK!)
--------------------------
In other words, the MX record routes email sent to my second domain name to a server in my first domain. This external server name is no longer used internally. I believe I did this years ago so that I could use the same, then expensive, secure server certificate for both domains.
--------------------------
MX-VERIFY-CGI run for ``support@MySecondDomain.c
--------------------------
Doing resolver lookup for T=MX domain=``MySecondDomain.co
DNS yields following MX entries
MySecondDomain.com (7200s) IN MX 10 staff.MyFirstDomain.com
Only one MX record...
Well, no backups, but as all systems are looking for MX record in every case, not bad..
--------------------------
Testing MX server: staff.MyFirstDomain.com
Address lookup did yield following ones:
IPv4 209.232.123.253
Testing server at address: IPv4 209.232.123.253
ERROR: Connect failure reason: Connection timed out
(Still possibly all OK!)
--------------------------
In other words, the MX record routes email sent to my second domain name to a server in my first domain. This external server name is no longer used internally. I believe I did this years ago so that I could use the same, then expensive, secure server certificate for both domains.
The server listed as the MX record - does that resolve to the correct IP address?
If not, then get it corrected. The name you are using internally doesn't really matter - as long as it resolves.
Simon.
--
Once your question has been answered, please remember to accept an answer and close the question.
If not, then get it corrected. The name you are using internally doesn't really matter - as long as it resolves.
Simon.
--
Once your question has been answered, please remember to accept an answer and close the question.
ASKER
I used http://www.zoneedit.com/lookup.html to determine that the forward lookup for "staff.MyFirstDomain.com" resolves to 209.232.123.253 via an (A) DNS record.
The reverse lookup appears NOT to be working: "No PTR records were found for 209.232.123.253
on server staff.MyFirstDomain.com".
Is this a problem in my DNS or my ISPs? If ISP, what exactly must I ask my ISP DNS Administrator to do in order to fix this?
The reverse lookup appears NOT to be working: "No PTR records were found for 209.232.123.253
on server staff.MyFirstDomain.com".
Is this a problem in my DNS or my ISPs? If ISP, what exactly must I ask my ISP DNS Administrator to do in order to fix this?
As I wrote above, the simplest thing to do is ask whoever looks after the DNS for your second domain to change the MX record host to the same host that works for your first domain.
Simon.
--
Once your question has been answered, please remember to accept an answer and close the question.
Simon.
--
Once your question has been answered, please remember to accept an answer and close the question.
ASKER
I think I understand your instructions now. What had me confused was that the MX record for MySecondDomain.com already resolves to an FQDN in MyFirstDomain:
BEGIN---------------------
MX-VERIFY-CGI run for ``support@MySecondDomain.c
--------------------------
Doing resolver lookup for T=MX domain=``MySecondDomain.co
DNS yields following MX entries
MySecondDomain.com (7200s) IN MX 10 staff.MyFirstDomain.com
Only one MX record...
END-----------------------
The same report for support@MyFirstDomain.com looks quite different:
BEGIN---------------------
MX-VERIFY-CGI run for ``support@MyFirstDomain.co
--------------------------
Doing resolver lookup for T=MX domain=``MyFirstDomain.com
DNS yields following MX entries
MyFirstDomain.com (6996s) IN MX 10 MyFirstDomain.com
MyFirstDomain.com (6996s) IN MX 100 smtp-relay.pbi.net
--------------------------
Testing MX server: MyFirstDomain.com
Address lookup did yield following ones:
IPv4 209.232.123.251
Testing server at address: IPv4 209.232.123.251
[ CONNECTED! ]
220 Staff64.MyFirstDomain.com Microsoft ESMTP MAIL Service ready at Wed, 31 Oct 2007 16:09:28 -0700
EHLO z2.cat.iki.fi
250-Staff64.MyFirstDomain.
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH GSSAPI NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250 XEXCH50
Excellent! It speaks ESMTP!
MAIL FROM:<>
250 2.1.0 Sender OK
Fine, it accepts NULL return-path as is mandated by RFC 2821 section 6.1
RSET
END-----------------------
So, I need to tell them to change the MX record so that it points to "MyFirstDomain.com" rather than "staff.MyFirstDomain.com"?
BEGIN---------------------
MX-VERIFY-CGI run for ``support@MySecondDomain.c
--------------------------
Doing resolver lookup for T=MX domain=``MySecondDomain.co
DNS yields following MX entries
MySecondDomain.com (7200s) IN MX 10 staff.MyFirstDomain.com
Only one MX record...
END-----------------------
The same report for support@MyFirstDomain.com looks quite different:
BEGIN---------------------
MX-VERIFY-CGI run for ``support@MyFirstDomain.co
--------------------------
Doing resolver lookup for T=MX domain=``MyFirstDomain.com
DNS yields following MX entries
MyFirstDomain.com (6996s) IN MX 10 MyFirstDomain.com
MyFirstDomain.com (6996s) IN MX 100 smtp-relay.pbi.net
--------------------------
Testing MX server: MyFirstDomain.com
Address lookup did yield following ones:
IPv4 209.232.123.251
Testing server at address: IPv4 209.232.123.251
[ CONNECTED! ]
220 Staff64.MyFirstDomain.com Microsoft ESMTP MAIL Service ready at Wed, 31 Oct 2007 16:09:28 -0700
EHLO z2.cat.iki.fi
250-Staff64.MyFirstDomain.
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH GSSAPI NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250 XEXCH50
Excellent! It speaks ESMTP!
MAIL FROM:<>
250 2.1.0 Sender OK
Fine, it accepts NULL return-path as is mandated by RFC 2821 section 6.1
RSET
END-----------------------
So, I need to tell them to change the MX record so that it points to "MyFirstDomain.com" rather than "staff.MyFirstDomain.com"?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Once again, it was a privilege to get your attention, Simon.
Put the domain in to dnsreport.com or http://www.zmailer.org/mxverify.html and see what the internet thinks. If there are no MX records then whoever looks after your domain needs to fix them. If you already have one domain working correctly, then ask them to use the same host that is used on that domain with the new one.
Simon.
--
Once your question has been answered, please remember to accept an answer and close the question.