This server requires PTR for unauthenticated connections

Posted on 2009-07-14
Last Modified: 2012-05-07
I'm having this PTR problem when sending to this one particular domain. The the problem happens very intermittently. Sometimes the email would send through but other times it bounces back "The following recipient(s) could not be reached: on 3/07/2009 8:41 AM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            < #5.5.0 smtp;554 This server requires PTR for unauthenticated connections.>"
I'm running exchange 2003 internally but our MX records are pointed to messagelabs to do spam filtering (please see attachment for my dns setting). I'm able to send/receive emails from everyone else but this particular domain. What should i do to resolve this problem?  
Question by:hvle
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
LVL 12

Expert Comment

ID: 24856441
The problem is not your MX nor anything to do with your incoming mail server.

It has to do with your outgoing server.  If you're using Exchange to deliver mail directly (as opposed to forwarding every email to your ISP), then your public IP must have a reverse dns entry (PTR record).   The mail server you are sending to may additionally require that your forward record match (your IP's main host name).

You need to deal with your ISP on this because they are in control over your reverse dns entries.  You may have a tool that your ISP provided as well that lets you set the reverse host name.

An alternative is to set up all outgoing emails to go through your ISP's mail server.  (called smart host or forwarding)

LVL 14

Expert Comment

ID: 24856455
A PTR record exists in a Reverse DNS zone, not in a Forward DNS zone.  The pic above doesn't say much about whether your organization's mail server has a PTR record or not.  
Go to this site:
Plug in your mail server's public IP address, and see if there is a valid, non-generic Reverse DNS record or not

Have your ISP create a PTR record for the (public) IP address that your email server uses when it sends mail.  

(If you send outgoing mail through a smart host, then yell at the smart host provider, and have them create a PTR record for their server)
LVL 11

Accepted Solution

tmeunier earned 500 total points
ID: 24856457
Yes, this DNS zone is sort of messed up.  You have CNAMEd over to MX8.whatever.messagelabs.  That isn't correct, unless is actually the exact identical public IP address, exact identical server, as MX8.whatever.messagelabs.   Since Message Labs is capable of sending your mail to you, I know that has a fixed public IP address. Use this as an "A" record, and remove the CNAME.  Then, let's say that this IP address is  You need to go to your ISP (unless you've been delegated reverse DNS) and tell them you need them to create the PTR record as follows:   IN    PTR

There is no reason I can see to have your actual mail host CNAMEd to Message Labs' MX.

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.


Author Closing Comment

ID: 31603588
I have asked my ISP to add the PTR record. it looks like it's working. thank you

Author Comment

ID: 25030603
I have asked my ISP to add the PTR record for to point to and i have used to check and it's valid. I've waited for 1 week for all the DNS in the world to replicate across but the email still bounce back with the same error message "Your message did not reach some or all of the intended recipients.

      Subject:      test
      Sent:      6/08/2009 4:14 PM

The following recipient(s) cannot be reached: on 6/08/2009 4:14 PM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            < #5.5.0 smtp;554 This server requires PTR for unauthenticated connections.>"

Have I missed something? or did I do anything incorrectly?  

LVL 14

Expert Comment

ID: 25030671
Well, it certainly looks like you've done everything right.

Your DNS A Record, and PTR record look good.
LVL 11

Expert Comment

ID: 25032655
Indeed they look good.  You may need to wait 24 hours from the time the PTR was created, if that mail host ( had cached whatever placeholder the ISP had there before.

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit If you want to manage em…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question