McCoyIT
asked on
NDR - 550 Unrouteable address when sending to *@inbox.ru
Hi,
Users from my Exchange server are receiving the following NDR when trying to send an email to *@inbox.ru:
-------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----------
Delivery has failed to these recipients or distribution lists:
user@inbox.ru
An error occurred while trying to deliver this message to the recipient's e-mail address. Microsoft Exchange will not try to redeliver this message for you. Please try resending this message, or provide the following diagnostic text to your system administrator.
The following organization rejected your message: abc.mail.ru.
_____
Sent by Microsoft Exchange Server 2007
Diagnostic information for administrators:
Generating server: mymailserver.mydomain.com
user@inbox.ru
abc.mail.ru #550 Unrouteable address ##
-------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----------
I went to www.dnsstuff.com and did a DNSReport on my domain and I noticed this warning from the report:
WARNING: One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). If your mailserver sends out E-mail using this domain in its EHLO or HELO, your E-mail might get blocked by anti-spam software. This is also a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server. Note that this one test may use a cached DNS record.
mydomain.com.inbound15.mxl ogic.net claims to be non-existent host p02c11m117.mxlogic.net: <br /> 220 p02c11m117.mxlogic.net ESMTP mxl_mta-5.5.0-3 [3164842928.125256.00-025] ; Mon, 09 Jun 2008 16:06:45 -0600 (MDT); NO UCE, INBOUND <br />
-------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- -
Could the warning pasted above be why the organization abc.mail.ru rejected the message? Or is the problem with the unroutable address?
Users from my Exchange server are receiving the following NDR when trying to send an email to *@inbox.ru:
--------------------------
Delivery has failed to these recipients or distribution lists:
user@inbox.ru
An error occurred while trying to deliver this message to the recipient's e-mail address. Microsoft Exchange will not try to redeliver this message for you. Please try resending this message, or provide the following diagnostic text to your system administrator.
The following organization rejected your message: abc.mail.ru.
_____
Sent by Microsoft Exchange Server 2007
Diagnostic information for administrators:
Generating server: mymailserver.mydomain.com
user@inbox.ru
abc.mail.ru #550 Unrouteable address ##
--------------------------
I went to www.dnsstuff.com and did a DNSReport on my domain and I noticed this warning from the report:
WARNING: One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). If your mailserver sends out E-mail using this domain in its EHLO or HELO, your E-mail might get blocked by anti-spam software. This is also a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server. Note that this one test may use a cached DNS record.
mydomain.com.inbound15.mxl
--------------------------
Could the warning pasted above be why the organization abc.mail.ru rejected the message? Or is the problem with the unroutable address?
ASKER
I did try from my Gmail account and I did not get a bounce back, so it is my Exchange server.
The DNSReport test fails pretty dismally when you are not receiving mail directly.
Send an email from your exchange server to your GMail account and then post the headers of that here - then we can see what is going on.
Send an email from your exchange server to your GMail account and then post the headers of that here - then we can see what is going on.
ASKER
Below is the message header from my account on the Exchange server to my Gmail account.
Delivered-To: mygmail@gmail.com
Received: by 10.140.162.8 with SMTP id k8cs236250rve;
Mon, 9 Jun 2008 12:26:29 -0700 (PDT)
Received: by 10.142.188.3 with SMTP id l3mr1614865wff.174.1213039 587576;
Mon, 09 Jun 2008 12:26:27 -0700 (PDT)
Return-Path: <me@mydomain.com>
Received: from myexternal.domain.com (static-xxx-xxx-xxx-xxx.pt r.terago.n et [xxx.xxx.xxx.xxx])
by mx.google.com with ESMTP id 24si11581716wfc.3.2008.06. 09.12.26.2 7;
Mon, 09 Jun 2008 12:26:27 -0700 (PDT)
Received-SPF: neutral (google.com: xxx.xxx.xxx.xxx is neither permitted nor denied by best guess record for domain of me@mydomain.com) client-ip=xxx.xxx.xxx.xxx;
Authentication-Results: mx.google.com; spf=neutral (google.com: xxx.xxx.xxx.xxx is neither permitted nor denied by best guess record for domain of me@mydomain.com) smtp.mail=me@mydomain.com
Received: from myinternal.domain.com ([xxx.xxx.xxx.xxx]) by myinternal.domain.com
([xxx.xxx.xxx.xxx]) with mapi; Mon, 9 Jun 2008 13:26:27 -0600
Was doing some more digging around and I noticed that my mail server name for HELO or EHLO responses is my external FQDN, but on the DNSreport the warning was for, myexternalFQDN.com.inbound 15.mxlogic .net; which is my smart host which filters all my inbound email.
Am I suppose to have mydomain.com.inbound15.mxl ogic.net in the HELO or EHLO field of my send connector?
Delivered-To: mygmail@gmail.com
Received: by 10.140.162.8 with SMTP id k8cs236250rve;
Mon, 9 Jun 2008 12:26:29 -0700 (PDT)
Received: by 10.142.188.3 with SMTP id l3mr1614865wff.174.1213039
Mon, 09 Jun 2008 12:26:27 -0700 (PDT)
Return-Path: <me@mydomain.com>
Received: from myexternal.domain.com (static-xxx-xxx-xxx-xxx.pt
by mx.google.com with ESMTP id 24si11581716wfc.3.2008.06.
Mon, 09 Jun 2008 12:26:27 -0700 (PDT)
Received-SPF: neutral (google.com: xxx.xxx.xxx.xxx is neither permitted nor denied by best guess record for domain of me@mydomain.com) client-ip=xxx.xxx.xxx.xxx;
Authentication-Results: mx.google.com; spf=neutral (google.com: xxx.xxx.xxx.xxx is neither permitted nor denied by best guess record for domain of me@mydomain.com) smtp.mail=me@mydomain.com
Received: from myinternal.domain.com ([xxx.xxx.xxx.xxx]) by myinternal.domain.com
([xxx.xxx.xxx.xxx]) with mapi; Mon, 9 Jun 2008 13:26:27 -0600
Was doing some more digging around and I noticed that my mail server name for HELO or EHLO responses is my external FQDN, but on the DNSreport the warning was for, myexternalFQDN.com.inbound
Am I suppose to have mydomain.com.inbound15.mxl
>>myexternal.domain.com
Is that a correct address? Does it resolve to your IP address?
The other problem, which is pretty major, is that your reverse DNS entry is "ugly" - it exists, but it looks bad, so a lot of places will reject your mail. You need to call your ISP and get them to change it from static-xxx-xxx-xxx-xxx.ptr .terago.ne t to myexternal.domain.com
Kieran
Is that a correct address? Does it resolve to your IP address?
The other problem, which is pretty major, is that your reverse DNS entry is "ugly" - it exists, but it looks bad, so a lot of places will reject your mail. You need to call your ISP and get them to change it from static-xxx-xxx-xxx-xxx.ptr
Kieran
ASKER
Sorry for the delay, yes it does resolve. For example if I were to mail.mydomain.com it will resolve to the correct address. Any thoughts on the DNS Report warning message?
ASKER
For the example I meant to type "...if I were to ping mail.mydomain.com..."
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
I will talk to my ISP and ask them to change it. I just want to clarify the myexternal.domain.com is my exchange server's external FQDN name.
>>I just want to clarify the myexternal.domain.com is my exchange server's external FQDN name.
That was my understanding.
While you are waiting, you can test out DNS queries from your server;
On the exchange server,
Start > run > cmd
nslookup
set type=mx
inbox.ru
Does it bring up the following?
Non-authoritative answer:
inbox.ru MX preference = 10, mail exchanger = mxs.mail.ru
Cancel out of nslookup (CRTL + C)
then type;
telnet mxs.mail.ru 25
Does it connect?
That was my understanding.
While you are waiting, you can test out DNS queries from your server;
On the exchange server,
Start > run > cmd
nslookup
set type=mx
inbox.ru
Does it bring up the following?
Non-authoritative answer:
inbox.ru MX preference = 10, mail exchanger = mxs.mail.ru
Cancel out of nslookup (CRTL + C)
then type;
telnet mxs.mail.ru 25
Does it connect?
ASKER
Yup, connects fine.
ASKER
The ISP made the change today, and I don't receive that bounce back anymore, but I do receive a bounce back for a non existent mailbox. So it looks like it worked, the problem was there was no mailbox for that user.
Thanks!
Thanks!
have you tried sending them a message from a different email server (like from gmail.com?)
if they can receive that message than you know its your exchange server's problem.