Solved

Domain name in ADS is not .local - instead it matches the Internet DNS - causing random problems/bounces?

Posted on 2008-10-20
2
293 Views
Last Modified: 2013-11-30
If you have an Exchange Server, that's used as a internal LAN server + Exchange on the Internet, it's usually configured with a .local ADS set up.. but what if a server is configured for ADS and it matches the Internet FQDN and there is no .local - only "server.domain.com" in ADS and Exchange?

There seems to be strange, random bounce issues... 95% of mail flows fine, but sometimes if an outside person "Replies" to a message sent by an internal user, it bounces with '504 Need to Authenticate First".. I suspect it has something to do with the DNS set up and Active Directory..?  Any insight into this kind of set up?
0
Comment
Question by:aconway
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 33

Accepted Solution

by:
Exchange_Geek earned 500 total points
ID: 22762125
"95% of mail flows fine, but sometimes if an outside person "Replies" to a message sent by an internal user, it bounces with '504 Need to Authenticate First"

How can 5% retort to DNS issues EVER. If people can send emails fine / receive emails fine. Then how is the reply option going to change the world drastically. If you select on reply a new message comes up and adds the same user in TO list.

Now, if you had to send a new message, wouldn't the same user be in the TO list. So whats the difference.

Googling this issue i found links:

http://forums.techarena.in/small-business-server/737576.htm
http://www.experts-exchange.com/Networking/Email_Groupware/Exchange_Server/Q_21100498.html
0
 

Author Comment

by:aconway
ID: 22762308
I said it correctly.. and I tested it twice earlier.. someone from the outside was having a problem sending mail to an inside user.. (see NDR below)..   They then discovered if they compose a NEW message to that same user, it goes fine.. but if it's a reply, it bounced.. we tested and confirmed this two times in a row..  So don't ask me.. that's why I am asking you guys.

THEN. shortly after we started testing this, it began to work when replying and is no longer bouncing back.. so it seems like a sporadic problems.. hence my 95% comment... if I have them test it again, it could stat bouncing again.. very random - something is going on.

Here's the NDR from the outside user when they tried to reply and it failed:

  There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
  <dev1.internal.networkforgood.org #5.5.0 smtp;553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 - chkuser)>

SMTP LOGFILE:

64.236.108.219, OutboundConnectionResponse, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 141, 0, 132, 0, 0, -, -, 220 dev1.internal.networkforgood.org Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at  Mon, 20 Oct 2008 13:52:21 -0400 ,
64.236.108.219, OutboundConnectionCommand, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 141, 0, 4, 0, 0, EHLO, -, server.mydomain.org,
64.236.108.219, OutboundConnectionResponse, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 281, 0, 57, 0, 0, -, -, 250-dev1.internal.networkforgood.org Hello [69.30.69.184],
64.236.108.219, OutboundConnectionCommand, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 281, 0, 4, 0, 0, MAIL, -, FROM:<user@mydomain.org> SIZE=28208,
64.236.108.219, OutboundConnectionResponse, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 406, 0, 34, 0, 0, -, -, 250 2.1.0 user@mydomain.org....Sender OK,
64.236.108.219, OutboundConnectionCommand, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 406, 0, 4, 0, 0, RCPT, -, TO:<user@networkforgood.org>,
64.236.108.219, OutboundConnectionResponse, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 516, 0, 39, 0, 0, -, -, 250 2.1.5 user@networkforgood.org ,
64.236.108.219, OutboundConnectionCommand, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 516, 0, 7, 0, 0, XEXCH50, -, 2460 2,
64.236.108.219, OutboundConnectionResponse, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 641, 0, 30, 0, 0, -, -, 504 Need to authenticate first,
64.236.108.219, OutboundConnectionCommand, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 641, 0, 4, 0, 0, BDAT, -, 28208 LAST,
64.236.108.219, OutboundConnectionResponse, 10/20/2008, 10:55:40, SMTPSVC1, SERVER, -, 1281, 0, 92, 0, 0, -, -, 250 2.6.0  <4CD38C3641F4D543934F26D2DE489BE39D134C@server.mydomain.org> Queued mail for delivery,
64.236.108.219, OutboundConnectionCommand, 10/20/2008, 10:55:40, SMTPSVC1, SERVER, -, 1281, 0, 4, 0, 0, QUIT, -, -,
64.236.108.219, OutboundConnectionResponse, 10/20/2008, 10:55:40, SMTPSVC1, SERVER, -, 1516, 0, 79, 0, 0, -, -, 221 2.0.0 dev1.internal.networkforgood.org Service closing transmission channel,


... and it magically starts working again.. just trying to figure out the "magic" here.. There is no AV or Mail Security involved, at least on the end I am troubleshooting.. just normal Exchange SMTP DNS..

Or maybe it IS actually sending it through eventually (looking at that log entry).. but it's STILL producing random NDR's, which .. means something is weird.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses
Course of the Month11 days, 9 hours left to enroll

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question