Solved

Domain name in ADS is not .local - instead it matches the Internet DNS - causing random problems/bounces?

Posted on 2008-10-20
2
288 Views
Last Modified: 2013-11-30
If you have an Exchange Server, that's used as a internal LAN server + Exchange on the Internet, it's usually configured with a .local ADS set up.. but what if a server is configured for ADS and it matches the Internet FQDN and there is no .local - only "server.domain.com" in ADS and Exchange?

There seems to be strange, random bounce issues... 95% of mail flows fine, but sometimes if an outside person "Replies" to a message sent by an internal user, it bounces with '504 Need to Authenticate First".. I suspect it has something to do with the DNS set up and Active Directory..?  Any insight into this kind of set up?
0
Comment
Question by:aconway
2 Comments
 
LVL 33

Accepted Solution

by:
Exchange_Geek earned 500 total points
ID: 22762125
"95% of mail flows fine, but sometimes if an outside person "Replies" to a message sent by an internal user, it bounces with '504 Need to Authenticate First"

How can 5% retort to DNS issues EVER. If people can send emails fine / receive emails fine. Then how is the reply option going to change the world drastically. If you select on reply a new message comes up and adds the same user in TO list.

Now, if you had to send a new message, wouldn't the same user be in the TO list. So whats the difference.

Googling this issue i found links:

http://forums.techarena.in/small-business-server/737576.htm
http://www.experts-exchange.com/Networking/Email_Groupware/Exchange_Server/Q_21100498.html
0
 

Author Comment

by:aconway
ID: 22762308
I said it correctly.. and I tested it twice earlier.. someone from the outside was having a problem sending mail to an inside user.. (see NDR below)..   They then discovered if they compose a NEW message to that same user, it goes fine.. but if it's a reply, it bounced.. we tested and confirmed this two times in a row..  So don't ask me.. that's why I am asking you guys.

THEN. shortly after we started testing this, it began to work when replying and is no longer bouncing back.. so it seems like a sporadic problems.. hence my 95% comment... if I have them test it again, it could stat bouncing again.. very random - something is going on.

Here's the NDR from the outside user when they tried to reply and it failed:

  There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
  <dev1.internal.networkforgood.org #5.5.0 smtp;553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 - chkuser)>

SMTP LOGFILE:

64.236.108.219, OutboundConnectionResponse, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 141, 0, 132, 0, 0, -, -, 220 dev1.internal.networkforgood.org Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at  Mon, 20 Oct 2008 13:52:21 -0400 ,
64.236.108.219, OutboundConnectionCommand, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 141, 0, 4, 0, 0, EHLO, -, server.mydomain.org,
64.236.108.219, OutboundConnectionResponse, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 281, 0, 57, 0, 0, -, -, 250-dev1.internal.networkforgood.org Hello [69.30.69.184],
64.236.108.219, OutboundConnectionCommand, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 281, 0, 4, 0, 0, MAIL, -, FROM:<user@mydomain.org> SIZE=28208,
64.236.108.219, OutboundConnectionResponse, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 406, 0, 34, 0, 0, -, -, 250 2.1.0 user@mydomain.org....Sender OK,
64.236.108.219, OutboundConnectionCommand, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 406, 0, 4, 0, 0, RCPT, -, TO:<user@networkforgood.org>,
64.236.108.219, OutboundConnectionResponse, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 516, 0, 39, 0, 0, -, -, 250 2.1.5 user@networkforgood.org ,
64.236.108.219, OutboundConnectionCommand, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 516, 0, 7, 0, 0, XEXCH50, -, 2460 2,
64.236.108.219, OutboundConnectionResponse, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 641, 0, 30, 0, 0, -, -, 504 Need to authenticate first,
64.236.108.219, OutboundConnectionCommand, 10/20/2008, 10:55:39, SMTPSVC1, SERVER, -, 641, 0, 4, 0, 0, BDAT, -, 28208 LAST,
64.236.108.219, OutboundConnectionResponse, 10/20/2008, 10:55:40, SMTPSVC1, SERVER, -, 1281, 0, 92, 0, 0, -, -, 250 2.6.0  <4CD38C3641F4D543934F26D2DE489BE39D134C@server.mydomain.org> Queued mail for delivery,
64.236.108.219, OutboundConnectionCommand, 10/20/2008, 10:55:40, SMTPSVC1, SERVER, -, 1281, 0, 4, 0, 0, QUIT, -, -,
64.236.108.219, OutboundConnectionResponse, 10/20/2008, 10:55:40, SMTPSVC1, SERVER, -, 1516, 0, 79, 0, 0, -, -, 221 2.0.0 dev1.internal.networkforgood.org Service closing transmission channel,


... and it magically starts working again.. just trying to figure out the "magic" here.. There is no AV or Mail Security involved, at least on the end I am troubleshooting.. just normal Exchange SMTP DNS..

Or maybe it IS actually sending it through eventually (looking at that log entry).. but it's STILL producing random NDR's, which .. means something is weird.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
how to add IIS SMTP to handle application/Scanner relays into office 365.

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question