[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1092
  • Last Modified:

451 4.4.0 DNS Query Failed

Hi,

We recently installed Exchange 2007 on Windows 2008 and everything has been running great. I do have one company that we are getting this error with and usually I wouldn't care as much, but it's our medical insurance company! I've attached a screen shot of the error and the details of the message in the queue. I also did an NSlookup form the server and it does return three mx records for the company. I'm lost and would like some guidance. There is no Edge server. Everything is on one server with our Sonicwall 3060's ports opened for SMTP 25. Any help would be great!

Thanks,
Matt
dns-error.doc
0
fairrington
Asked:
fairrington
  • 9
  • 9
1 Solution
 
FearNoMoreCommented:
Is External DNS lookup configured?
http://technet.microsoft.com/en-us/library/bb691021.aspx
How many NIC's fo you have and how is/are they configured ?
0
 
fairringtonAuthor Commented:
Looking at the properties of the hub transport, I have Use All Available IPv4 Addresses. I only have one nic set up for this server. I'll attach a file with the properties. Thanks
nic.doc
0
 
FearNoMoreCommented:
How many NICs do you have?
Send a screenshot after selecting that specific NIC
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
fairringtonAuthor Commented:
I have two, but the second one is disabled and nothing plugged into it.
Network.doc
0
 
FearNoMoreCommented:
The NIC you are using...does it use External Public DNS?
0
 
fairringtonAuthor Commented:
No. Internal DNS servers. Should I try external? If so, any good ones to try?
0
 
FearNoMoreCommented:
No dont try external....
Under the External DNS lookup Tab.....
Select the sceond option "Use these DNS Servers" and mention the IP of the internal DNS server
Remember for thsi to work....firewalls should allow port 53 for DNS resolution
After this is done try sending out an email to your insurance company again
0
 
fairringtonAuthor Commented:
I just did what you said and still I'm getting the error. I choose external dns, but used my two internals and changed the firewall to let anything from the LAN go to that port via WAN.
0
 
FearNoMoreCommented:
2 internals meaning 2 DNS servers?
dont use 2 internals just try with 1
0
 
fairringtonAuthor Commented:
Tried the primary and same thing.
0
 
FearNoMoreCommented:
Ok do this:
telnet mx record of recipient domain 25
Does it connect and show you the banner?
0
 
FearNoMoreCommented:
Also going back into the External DNS Lookup tab
Select "Use these DNS Servers" and put in the ip of a public dns server such as 4.2.2.1
Now what happens?
0
 
fairringtonAuthor Commented:
Here's what I get:
220 smtp3.alliedbenefit.com ESMTP (ce8c9da09efd0f5b632bce478ae433d8)

The other 2 in the mx record don't come back with anything.
0
 
fairringtonAuthor Commented:
Same thing when trying 4.2.2.1
0
 
FearNoMoreCommented:
Did you restart the transport service after making the 4.2.2.1 modification?
 
ok go back to telnet
Do a telnet localhost 25
ehlo
Should list 18 odd exchange verbs...then do
mail from: someone@yourdomain.com
rcpt to: someone@recipientdomain.com
and send out an email using telnet
does it get delivered...it should say queued for delivery
 
0
 
FearNoMoreCommented:
Another suggestion is to specifically create a Send Connector for this domain using external DNS and then check
 
0
 
fairringtonAuthor Commented:
Here's what I get when I try to send her an email:

220 FTCMAIL.Fairrington.com Microsoft ESMTP MAIL Service ready at Mon, 30 Mar 20
09 09:35:52 -0500
ehlo
250-FTCMAIL.Fairrington.com Hello [::1]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250 XRDST
mail from: mbarys@fairrington.com
250 2.1.0 Sender OK
rcpt to: dfoelske@alliedbenefit.com
550 5.7.1 Unable to relay


I will try the send connector next.
0
 
fairringtonAuthor Commented:
Thanks! That did the trick with the new SMTP connector!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 9
  • 9
Tackle projects and never again get stuck behind a technical roadblock.
Join Now