Some but not all incoming emails are being bounced
All of a sudden some incoming emails from outside clients (approx 10 different companies) are being bounced back to the sender with the message: you do not have permission to send to this recipient. The helo/ehlo domain is invalid.
Actions taken:
1) I have checked that the FQDN on the server matches that of our MX record etc & it all checks out ok.
2) I have spoken with our ISP & they have not put through any changes that would affect this.
Exchange, Networking
Last Comment: greenhacks, 8/22/2022 - Mon
greenhacks
Do a spam check on your public IP to see if it is blocked. www.dnsstuff.com
Does this happen to a particular internal email ID, or to all internal email IDs?
Did anyone configure Exchange recently?
Do you have any email security? Did you check on it to see if things are OK?
Richard Gray
ASKER
It's happening from approximately 10 outside customer domains, to numerous internal email addresses. We can send emails to them but when they try to reply they get the helo/ehlo message.
Our exchange server has not been touched in any way.
We run GFI mail security & mail essentials, both of which have been running for the last 3+ years with no problems
I have restarted the server numerous times & just the services but it still happens.
Could it be that their server names do not match their DNS/MX records & that's why I reject them?
greenhacks
mailgate.philippank.com, is this your actual domain name?
Can I know which domains get bounced back? Give at least a couple of them.
Richard Gray
ASKER
mailgate.philippank.com is the FQDN
domains that are getting emails bounced back are:
onehousinggroup.co.uk
gleeds.co.uk
hanover.org.uk
All these were ok up to Sunday last weekend.
Again I reiterate that no software changes have been made on our firewall or our server.....
I ran almost 5 to 6 different tests on your domain and IP, and all came back successful.
Lastly, I would like to know if you can paste the exact error when the mail is bounced.
Yes, you will have to ask the person whose email got bounced when sending to your domain. Get at least 2 for a quick solution. Call them and ask them to forward that bounce-back error to an account of yours on some other domain (e.g. hotmail.com).
The error should have some kind of code with the error message.
Richard Gray
ASKER
The message that all the 10 or so are getting back when they try & send an email is:
host mailgate.PhilipPank.com[52.244.172. 90)
said: 554 5.7.1 This message has been blocked because the HELO/EHLO domain
is invalid (in reply to RCPT TO command)
62.244.172.90 is our mail server public ip
mailgate.philippank.com is our FQDN on the email server
greenhacks
Whose IP is this, 52.244.172. 90?
Seems like the people whose emails are bouncing have your server's wrong IP in their DNS cache, as 52.244.172. 90 rather than 62.244.172.90.
That ip belongs to a server in the USA...
OrgName: E.I. du Pont de Nemours and Co., Inc.
OrgID: EDPDNC
Address: E.I. du Pont de Nemours and Co., Inc.
Address: 1007 market Street
City: Wilmington
StateProv: DE
PostalCode: 19893
Country: US
NetRange: 52.0.0.0 - 52.255.255.255
Why do you think their DNS is incorrect? How did you test it?
I have asked that they clear their cache... but the only way that seems to work is to get them to change their FQDN to match their MX record & some are quite reticent to do so as it worked ok before....
What I don't understand is what caused my server to start bouncing stuff? As nothing had changed on my side at all.
greenhacks
>>>Why do you think their DNS is incorrect? how did you test it?
Because if you see this message "mailgate.PhilipPank.com[52.244.172. 90)", I assume your mail server IP is wrong on their end.
They don't have to do anything except clear their cache. If email is sent to you from Hotmail or Gmail, does it work fine?
Richard Gray
ASKER
I think that is a red herring user typo maybe.
I have attached a copy of the message from a fax I have received: latest-error.pdf
ESM, Servers, , Protocols, SMTP. Right click on the default SMTP VS and choose Properties. Click on the tab Delivery and then Advanced.
What is the value over there?
Richard Gray
ASKER
Max hop count = 30
Masquerade domain is blank
Fully qualified domain name is mailgate.philippank.com
smart host is blank
Perform remote dns lookup on incoming messages is blank (it was ticked but have unticked it to see if it made a difference)
I think you need to wait till someone further helps ahead.
One last try, do one thing.
In your email security whitelist the domain name which is having problem and see what happens.
Richard Gray
ASKER
I'd already added the domains that have the issue to the whitelist & that had no effect.
"The domain name is valid" is the response.
I have run the same test on those domains that are failing & all are ok as well...
greenhacks
Did you check your firewall configuration for the SMTP rule? I hope it is not modifying any default incoming packets.
Richard Gray
ASKER
Firewall rules have not been changed for over 3 months.
It's not happening with all inbound emails, a lot get through with no problem, but the majority that are being bounced are from other Exchange servers. So I have been asking that they check that the FQDN on their Exchange server matches their MX record.
Can you go to your ESM, default SMTP connector, properties, advanced tab? There is a checkbox which says 'send helo instead of ehlo...'. Is that checkbox selected?
Richard Gray
ASKER
Yes it is
We're bouncing the messages back because the sender's domain is invalid, not ours. I've added them to our AV whitelists etc. but it has made no difference at all.
greenhacks
Uncheck the box; it should not be selected.
Once done see if the problem still remains.
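
Added example, not part of the thread: a plausible set of checks a receiving filter might run before rejecting a HELO/EHLO name as "invalid", usable for testing the name a sending server announces against the IP it connects from. The check order, the `check_helo` and `sample_resolve` names, and the sample hostnames and documentation-range IPs are assumptions constructed for illustration; this is not the actual logic of GFI or Exchange.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

# Constructed forward-DNS data (documentation ranges), standing in for real lookups.
SAMPLE_DNS = {
    "mail.example.com": {"192.0.2.10"},
    "relay.example.net": {"198.51.100.7"},
}

def sample_resolve(name):
    """Hypothetical resolver: addresses for name, empty set if none."""
    return SAMPLE_DNS.get(name, set())

def check_helo(helo, peer_ip, resolve=sample_resolve):
    """Classify the HELO/EHLO argument announced by a client at peer_ip."""
    helo = helo.strip()
    if helo.startswith("[") and helo.endswith("]"):
        body = helo[1:-1]
        if body.lower().startswith("ipv6:"):
            body = body[5:]
        try:
            literal = ipaddress.ip_address(body)
        except ValueError:
            return "invalid: malformed address literal"
        if literal != ipaddress.ip_address(peer_ip):
            return "invalid: address literal differs from peer"
        return "ok: address literal"
    name = helo.rstrip(".").lower()
    labels = name.split(".")
    if len(name) > 253 or not all(LABEL.match(l) for l in labels):
        return "invalid: not a syntactically valid hostname"
    if len(labels) < 2:
        return "invalid: single-label name, not an FQDN"
    addrs = resolve(name)
    if not addrs:
        return "invalid: name does not resolve"
    if peer_ip not in addrs:
        return "suspect: resolves, but not to the connecting IP"
    return "ok: resolves to the connecting IP"

if __name__ == "__main__":
    # Constructed sessions: (HELO argument, connecting IP).
    for helo, ip in [("mail.example.com", "192.0.2.10"), ("EXCHSRV01", "192.0.2.20"),
                     ("exchsrv01.corp.local", "192.0.2.20"),
                     ("relay.example.net", "203.0.113.5"), ("[192.0.2.30]", "192.0.2.30")]:
        print(f"{helo:24} {ip:14} {check_helo(helo, ip)}")
```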