• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 513
  • Last Modified:

can't receive incomming emails


I have installed a my first ( and the networks' first) exchange server 2003 w/ sp2.  It's installed on win2k3 standard, with all patches and updates applied.

the server is behind a netgear router with port forwarding enabled on port 25.  i also have the a domain registered with godaddy, and i made sure to add an MX record under the "Total DNS control" panel.

My issue is i can sent and receive emails with the network.  I can also send out emails to the outside world.  the issue is i can't receive any emails from the internet.  I tried to repy to my test message from different domains (hotmail, yahoo, and even my work email account), i always get a bounce back

here is the bounce back detail message:
Reporting-MTA: dns;bay0-omc2-s12.bay0.hotmail.com
Received-From-MTA: dns;BAY134-W33
Arrival-Date: Fri, 1 Feb 2008 15:12:28 -0800

Final-Recipient: rfc822;mshalabi@dareazon.com
Action: failed
Status: 5.5.0
Diagnostic-Code: smtp;553 sorry, relaying denied from your location [] (#5.7.1)

any help would be greatly appriceated.
  • 2
2 Solutions
Looks like a DNS problem with your public MX record.  You're not allowed to use CNAMES.
FAIL MX A lookups have no CNAMEs WARNING: One or more of your MX records points to a CNAME. CNAMEs are prohibited in MX records, according to RFC974, RFC1034 3.6.2, RFC1912 2.4, and RFC2181 10.3. The problem MX record(s) are:
bloodywickedAuthor Commented:
so, should i chance the mx record to "mail.mydomain.com" instead of just "mail" ... and if that's the case, how come i can still send out email messages to internet accounts !!
I think your primary problem is the permissions on your SMTP server.  It looks like you've disabled anonymous access.   Assuming you're using Exchange as your inbound SMTP server, select the properties for the server, go to the Access tab, click the Authentication button, then check the box for Anoymous access.  Otherwise anyone who sends your domain an email message will have to have a username and password configured.

You should still fix DNS.  Set the MX record for dareazon.com to be smtp.where.secureserver.net.  You'll also want to update the reverse DNS record for to be smtp.where.secureserver.net instead of smtp.secureserver.net.  You can then create a CNAME for smtp.secureserver.net to point to smtp.where.secureserver.net.

These problems won't prevent sending mail out to the Internet, although some mail domains will reject the messages as suspected spam due to the DNS problems.
Your problem is as stated by millema, the anonymous access on your smtp server and actually you should only keep anonymous access on it and remove everything else. Anonymous access does not mean that you are a open relay, anonymous access to your smtp server means, that all other mail servers can talk to your exchange server without a username and password. YOu are not expecting over 5 milliom mail servers to have a username and password to communicate with your domain.
In the image above, leave only anonymous access.
Also fix your MX record to point to your firewalls ip address.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now