Asked by andersenks

AT&T blocking e-mails, Exchange 2007, PTR records and Certificates

This is a long one to explain.
We are getting 550 and 553 undeliverables from AT&T and SBC Global e-mail accounts the past few days. I tried submitting an unblock request to http://att.net/blocks and I get the following e-mail from AT&T:
"Thank you for contacting the AT&T Postmaster.

Please contact your hosting provider and inform them of your experience.  The resources at AT&T only block IPs based on the merit of the traffic received.  This underlying issue can only be resolved by the hosting provider administrating this IP.  You are welcome to forward this message to them.

HOSTING PROVIDER: This IP has been blocked as a direct result of the traffic into AT&T resources.  Please check your server logs for anomalies, violations of your acceptable-use policy, and/or compromised servers prior to requesting removal.  Failure to correct these issues will delay the removal of your servers from our blocklist, as well as diminishing the credibility of your network security and the availability of AT&T internet resources."

So after some research I figured it was my PTR record. Now I need to explain how the Exchange server is set up.

-Exchange 2007 SP1
-Windows 2003 x64 server
-Single Exchange server
-No Edge server
-Static IP
-MX record points to "mail.global.frontbridge.com" (Which is a SPAM filtering service that forwards the mail to my Exchange box).
When I implemented Exch 07 I also was doing a domain migration so I had to give the new domain a different name so it went from "domain.com" to "domainInc.com" but external DNS still needed to use "domain.com".
-The NETBIOS name of the Exch box is "mailsvr.domaininc.com".
I figured out that I could add a new "Accepted Domain" under the Hub Transport using "%m@domain.com" and set it as the default Reply under the E-mail address Policy. Created my certs, set up webmail and RPC/HTTPS. Everything worked great... Till now, AT&T has *&%ed my world.

So this is what I have tried so far...

-I had my IP provider create a PTR record on their end to "mail.domain.com", checked it and it comes out correctly: X.X.81.64.in-addr.arpa PTR mail.domain.com
Still not working...
-Changed the FQDN for the send connector to "mail.domain.com"
Started getting Ev ID: 12014 in MS Exch Transport which points to the receive connector FQDN and Send connector FQDN not matching as well as the Cert not having that FQDN.
-Disabled the Default Receive Connector and created a new one with the FQDN of mail.domain.com
-Created a new cert request using what is described here: http://technet.microsoft.com/en-us/library/aa998840(EXCHG.80).aspx

Get-ExchangeCertificate (Thumbprints Removed)
Services     Subject
----------      --------   -------
.....             CN=mail.domain.com, O=company, C=us
IP..S           C=US, S=CA, L=City, O=domain.com, OU=domaininc.com, CN=mail.domain.com
IP.W.        CN=mail.domain.com, OU=domaininc.com, O=domain.com, L=City, S=CA, C=US
.....            CN=owamail.domain.com, OU=domaininc.com, O=domain.com, L=City, S=CA, C=US
.....            CN=owamail, OU=domaininc.com, O=domain.com, L=City, S=CA, C=US
.....            CN=mailsvr.DOMAININC.COM, OU=domaininc.com, O=domaininc.com, L=City, S=CA, C=US
.....           CN=owamail.domain.com
.....           CN=mailsvr, OU=domaininc.com, O=domaininc.com, L=City, S=CA, C=US
.....          CN=mailsvr.domaininc.com, OU=domaininc.com, O=domaininc.com, L=City, S=CA, C=US
.....          CN=domain.domaininc.com, OU=CAS, O=domaininc, L=City, S=CA, C=US
.....          CN=domain-cert, DC=domaininc, DC=com
....S         CN=mailsvr
....S         CN=mailsvr

The first line in that Cert request is what was just added: CN=mail.domain.com, O=company, C=us

Still no luck. I've restarted transport services or completely rebooted after each of these steps. The problem I believe lies with the NETBIOS name of the server. When I do send mail to my personal account the header looks like this...

Return-Path: <me@domain.com>
Received: from noehlo.host ([127.0.0.1])
      by mx-dipper.atl.sa.earthlink.net (EarthLink SMTP Server) with SMTP id 1kG34O53M3Nl36u0; Wed, 17 Sep 2008 15:52:38 -0400 (EDT)
Received: from mail.domain.com ([64.81.x.x])
      by mx-dipper.atl.sa.earthlink.net (EarthLink SMTP Server) with ESMTP id 1kG34D2V63Nl36u0
      for <personal@earthlink.net>; Wed, 17 Sep 2008 15:52:28 -0400 (EDT)
Received: from mailsvr.domaininc.com ([192.168.10.30]) by
 mailsvr.domaininc.com ([192.168.10.30]) with mapi; Wed, 17 Sep 2008
 12:51:42 -0700
Content-Type: multipart/mixed;
      boundary="_000_C91EF45348FBCA4DB3E8D1D8BF4BA0F6581A567654almailsvrdom_"
From: me <me@domain.com>
To: personal personal@earthlink.net

Part of it shows the correct PTR "mail.domain.com", other parts still show the server name "mailsvr.domaininc.com".

Have I painted myself into a corner? I am at a point to where I suppose I can rename the domain back to its original name since it is no longer attached to the old forest. Is this as complicated as I'm making it or is there a simpler solution? I think with a MX record pointing to "mail.global.frontbridge.com" and internal and external names being different AT&T's changes have created a mess for me as well as myself.

Any assistance is much appreciated

Cheers
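
An added example, not part of the original post and not Exchange's own tooling: checks commonly made on the connecting hop of a message, namely that the sending IP has a PTR record, that the PTR name resolves back to the same IP, and that the announced HELO/EHLO name matches it. The sample headers, the example.com names, the 192.0.2.25 address and the FAKE_PTR/FAKE_A tables are constructed; pass no resolver arguments to query live DNS instead.

```python
import ipaddress
import re
import socket

# Matches "Received: from <HELO name> ([<connecting IP>])" as in the headers above.
RECEIVED_RE = re.compile(r"^Received:\s+from\s+(\S+)\s+\(\[([0-9.]+)\]\)", re.M)
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def system_ptr(ip):  # live PTR lookup through the system resolver
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def system_a(name):  # live A-record lookup through the system resolver
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def check_hop(helo, ip, ptr=system_ptr, a=system_a):
    """Compare the name a sender announced (HELO/EHLO) with DNS for its IP."""
    if any(ipaddress.ip_address(ip) in net for net in INTERNAL):
        return {"helo": helo, "ip": ip, "internal": True}  # no public PTR to compare
    names = [n.rstrip(".").lower() for n in ptr(ip)]
    confirmed = [n for n in names if ip in a(n)]  # PTR name resolves back to ip
    return {"helo": helo, "ip": ip, "internal": False, "ptr": names,
            "forward_confirmed": bool(confirmed),
            "helo_matches_ptr": helo.rstrip(".").lower() in confirmed}

def check_headers(raw, ptr=system_ptr, a=system_a):
    return [check_hop(h, ip, ptr, a) for h, ip in RECEIVED_RE.findall(raw)]

# Constructed sample shaped like the headers in the post (example names, TEST-NET IP).
SAMPLE = """\
Received: from mail.example.com ([192.0.2.25]) by mx.recipient.example with ESMTP
Received: from mailsvr.exampleinc.com ([192.168.10.30]) by
 mailsvr.exampleinc.com ([192.168.10.30]) with mapi
"""
FAKE_PTR = {"192.0.2.25": ["mail.example.com."]}  # stands in for the ISP's PTR zone
FAKE_A = {"mail.example.com": ["192.0.2.25"]}     # stands in for the public A record

def demo():  # run the checks on SAMPLE with the constructed DNS data, no network
    return check_headers(SAMPLE, lambda ip: FAKE_PTR.get(ip, []),
                         lambda name: FAKE_A.get(name, []))

if __name__ == "__main__":
    print(*demo(), sep="\n")
```
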
ASKER CERTIFIED SOLUTION
swaller

This solution is only available to members.

andersenks (ASKER)

I checked it here http://www.mxtoolbox.com/blacklists.aspx and it shows OK on 125 RBL. Yes, using our own SMTP server on the Exchange box.

ip = 64.81.86.116
Here is what 550 and 553 codes mean:

5.5.0 Underlying SMTP 500 error.  Our server tried ehlo, the recipient's server did not understand and returned a 550 or 500 error.  Set up SMTP logging.

5.5.3 More than 5,000 recipients.  Check the Global Settings, Message Delivery properties.


PS, I ran your ip through dnsstuff and it came back clean.
I think I may have figured it out... I think I need to have my ISP change our PTR record to point to "mail.global.frontbridge.com"