[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Emails (through Exchange) to certain domains getting blocked as spam #5.5.0 smtp;554 Transaction Failed. Spam Message not queued.>

Posted on 2008-06-24
12
Medium Priority
?
857 Views
Last Modified: 2008-07-15
I have a client who goes through this every couple of weeks.  Certain domains will get email bounced back as spam.  Here's a copy of the bounce message:

From: System Administrator
Sent: Tuesday, June 24, 2008 11:04 AM
To: Brian
Subject: Undeliverable: Latest Requirements Doc
Your message did not reach some or all of the intended recipients.
      Subject:  Latest Requirements Doc
      Sent:     6/24/2008 11:04 AM
The following recipient(s) cannot be reached:
      lastname, firstname on 6/24/2008 11:04 AM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            <branch.domainname.com #5.5.0 smtp;554 Transaction Failed. Spam Message not queued.>

I had a problem in the past with my PTR record pointing to the ISP instead of the actual exchange server...but when I fixed it, I added a PTR to two places...just in case.  

Reverse MX A records (PTR) Your reverse (PTR) record:
xxx.xxx.xxx.xxx.in-addr.arpa ->  branch.domainname.com
xxx.xxx.xxx.xxx.in-addr.arpa ->  domainname.com

the DNS pointer to the exchange server goes to what I am calling branch.domainname.com (for security reasons...not using actual domain names or ip's)
but their email addresses are username@domainname.com

HERE'S MY QUESTION:

A. Is the PTR record supposed to point to the domain name or the DNS pointer that the email is coming from?
B. Could this be causing the above error code when emailing certain domains?

Thanks in advance...please skip the guesswork and only answer if you know!
0
Comment
Question by:authen-tech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 4
12 Comments
 
LVL 36

Assisted Solution

by:grblades
grblades earned 1000 total points
ID: 21856854
You should only have a single PTR record for the IP address.
The PTR record will have to be assigned against the external IP address of the mail server and therefore will have to be done by the ISP who provides your service or through a web interface that they provide.
The reverse DNS should point to the same hostname that the mail server advertises in the HELO/EHLO command.
0
 
LVL 1

Assisted Solution

by:Hallidays
Hallidays earned 1000 total points
ID: 21856863
We have had the same problem only ours was to do with Reverse DNS Authentication checks and it was actually the .in-addr.arpa at the end of the PTR causing the problem, we had this removed and everthing was ok.

Your PTR should point to the server that the mail is sent from ie

server.internaldom.externaldom.com/co.uk etc

And yes - Not having it setup correct can cause your problems.

0
 
LVL 1

Expert Comment

by:Hallidays
ID: 21856920
Put your mailserver IP (external) in the "IP INFORMATION" box on the left hand side

http://www.dnsstuff.com/

You should get

IP address:                    xxx.xxx.xxx.xxx
Reverse DNS:                    server.internaldom.externaldom.co.uk.
Reverse DNS authenticity:       [Verified]

0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 1

Expert Comment

by:Hallidays
ID: 21856934
It is the authenticity that is the major here, if you are not verified some domain will not accept email - its a right pain.
0
 
LVL 9

Author Comment

by:authen-tech
ID: 21857489
Ok, I contacted the ISP and asked them to remove the PTR to the main domain.com name.  That should leave only the internal.domain.com which is also the HELO and DNS pointer to the mail server.  

Hopefully that will fix it!  Thanks for your help and I will let you know and award points after it checks out.
0
 
LVL 9

Author Comment

by:authen-tech
ID: 21875825
Same problem exists.  I had the ptr record that pointed to domain.com removed and I am still having the same problem.  Does that mean that I was advised to remove the wrong one or is it caused by something else?

To: Brian
Subject: Undeliverable: Latest Requirements Doc
Your message did not reach some or all of the intended recipients.
      Subject:  Latest Requirements Doc
      Sent:     6/24/2008 11:04 AM
The following recipient(s) cannot be reached:
      lastname, firstname on 6/24/2008 11:04 AM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            <branch.domainname.com #5.5.0 smtp;554 Transaction Failed. Spam Message not queued.>
0
 
LVL 36

Expert Comment

by:grblades
ID: 21876706
There are many reasony why a mail could be classed as spam.

In my profile there is a test@ email address listed. If you want to send a test email there and post here as soon as it is sent I will post the headers and let you know my spam filters findings.
0
 
LVL 36

Expert Comment

by:grblades
ID: 21881629
Your email was perfectly fine. DNS and reverse DNS was all correct and spamassassin didnt find any problems with the content.

You could implement SPF (http://www.openspf.org) and register yourself with DNSWL (http://www.dnswl.org) which will help.
0
 
LVL 1

Expert Comment

by:Hallidays
ID: 21882191
Did you try what i posted above on DNS stuff to check if authentication is working?
0
 
LVL 36

Expert Comment

by:grblades
ID: 21882221
I did that when I saw the IP address of the server in the headers of the email. It did come back as verified.
0
 
LVL 9

Author Comment

by:authen-tech
ID: 21882992
Yes I did do that and it even came back as verified when it was wrong... ??

I am going to contact the domain that is blocking us (the main one that we test against) and see if they can shine any light on the subject.  I appreciate all your help guys.  Thanks for checking on that grblades.  I will let you know if I find anything...
0
 
LVL 9

Accepted Solution

by:
authen-tech earned 0 total points
ID: 21945636
Ok, the PTR records are now correct and that was a biggie.  I found that the domain in question WAS spamming and was on a black list found at trustedsource.org as well as another one.  I appreciate all the help as I am confident my setup is correct and not causing any issues.  Thanks again!
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
As much as Microsoft wants to kill off PST file support, just as they tried to do with public folders, there are still times when it is useful or downright necessary to export Exchange mailboxes to PST files. Thankfully, it is still possible to e…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question