Solved

451 4.4.0 DNS Query Failed

Posted on 2009-03-29
18
1,039 Views
Last Modified: 2012-05-07
Hi,

We recently installed Exchange 2007 on Windows 2008 and everything has been running great. I do have one company that we are getting this error with and usually I wouldn't care as much, but it's our medical insurance company! I've attached a screen shot of the error and the details of the message in the queue. I also did an NSlookup form the server and it does return three mx records for the company. I'm lost and would like some guidance. There is no Edge server. Everything is on one server with our Sonicwall 3060's ports opened for SMTP 25. Any help would be great!

Thanks,
Matt
dns-error.doc
0
Comment
Question by:fairrington
  • 9
  • 9
18 Comments
 
LVL 13

Expert Comment

by:FearNoMore
Comment Utility
Is External DNS lookup configured?
http://technet.microsoft.com/en-us/library/bb691021.aspx
How many NIC's fo you have and how is/are they configured ?
0
 

Author Comment

by:fairrington
Comment Utility
Looking at the properties of the hub transport, I have Use All Available IPv4 Addresses. I only have one nic set up for this server. I'll attach a file with the properties. Thanks
nic.doc
0
 
LVL 13

Expert Comment

by:FearNoMore
Comment Utility
How many NICs do you have?
Send a screenshot after selecting that specific NIC
0
 

Author Comment

by:fairrington
Comment Utility
I have two, but the second one is disabled and nothing plugged into it.
Network.doc
0
 
LVL 13

Expert Comment

by:FearNoMore
Comment Utility
The NIC you are using...does it use External Public DNS?
0
 

Author Comment

by:fairrington
Comment Utility
No. Internal DNS servers. Should I try external? If so, any good ones to try?
0
 
LVL 13

Expert Comment

by:FearNoMore
Comment Utility
No dont try external....
Under the External DNS lookup Tab.....
Select the sceond option "Use these DNS Servers" and mention the IP of the internal DNS server
Remember for thsi to work....firewalls should allow port 53 for DNS resolution
After this is done try sending out an email to your insurance company again
0
 

Author Comment

by:fairrington
Comment Utility
I just did what you said and still I'm getting the error. I choose external dns, but used my two internals and changed the firewall to let anything from the LAN go to that port via WAN.
0
 
LVL 13

Expert Comment

by:FearNoMore
Comment Utility
2 internals meaning 2 DNS servers?
dont use 2 internals just try with 1
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:fairrington
Comment Utility
Tried the primary and same thing.
0
 
LVL 13

Expert Comment

by:FearNoMore
Comment Utility
Ok do this:
telnet mx record of recipient domain 25
Does it connect and show you the banner?
0
 
LVL 13

Expert Comment

by:FearNoMore
Comment Utility
Also going back into the External DNS Lookup tab
Select "Use these DNS Servers" and put in the ip of a public dns server such as 4.2.2.1
Now what happens?
0
 

Author Comment

by:fairrington
Comment Utility
Here's what I get:
220 smtp3.alliedbenefit.com ESMTP (ce8c9da09efd0f5b632bce478ae433d8)

The other 2 in the mx record don't come back with anything.
0
 

Author Comment

by:fairrington
Comment Utility
Same thing when trying 4.2.2.1
0
 
LVL 13

Expert Comment

by:FearNoMore
Comment Utility
Did you restart the transport service after making the 4.2.2.1 modification?
 
ok go back to telnet
Do a telnet localhost 25
ehlo
Should list 18 odd exchange verbs...then do
mail from: someone@yourdomain.com
rcpt to: someone@recipientdomain.com
and send out an email using telnet
does it get delivered...it should say queued for delivery
 
0
 
LVL 13

Accepted Solution

by:
FearNoMore earned 500 total points
Comment Utility
Another suggestion is to specifically create a Send Connector for this domain using external DNS and then check
 
0
 

Author Comment

by:fairrington
Comment Utility
Here's what I get when I try to send her an email:

220 FTCMAIL.Fairrington.com Microsoft ESMTP MAIL Service ready at Mon, 30 Mar 20
09 09:35:52 -0500
ehlo
250-FTCMAIL.Fairrington.com Hello [::1]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250 XRDST
mail from: mbarys@fairrington.com
250 2.1.0 Sender OK
rcpt to: dfoelske@alliedbenefit.com
550 5.7.1 Unable to relay


I will try the send connector next.
0
 

Author Closing Comment

by:fairrington
Comment Utility
Thanks! That did the trick with the new SMTP connector!
0

Featured Post

Shouldn't all users have the same email signature?

You wouldn't let your users design their own business cards, would you? So, why do you let them design their own email signatures? Think of the damage they could be doing to your brand reputation! Choose the easy way to manage set up and add email signatures for all users.

Join & Write a Comment

Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
Easy CSR creation in Exchange 2007,2010 and 2013
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video discusses moving either the default database or any database to a new volume.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now