This server requires PTR for unauthenticated connections

Posted on 2009-07-14
Last Modified: 2012-05-07
I'm having this PTR problem when sending to this one particular domain. The the problem happens very intermittently. Sometimes the email would send through but other times it bounces back "The following recipient(s) could not be reached: on 3/07/2009 8:41 AM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            < #5.5.0 smtp;554 This server requires PTR for unauthenticated connections.>"
I'm running exchange 2003 internally but our MX records are pointed to messagelabs to do spam filtering (please see attachment for my dns setting). I'm able to send/receive emails from everyone else but this particular domain. What should i do to resolve this problem?  
Question by:hvle
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
LVL 12

Expert Comment

ID: 24856441
The problem is not your MX nor anything to do with your incoming mail server.

It has to do with your outgoing server.  If you're using Exchange to deliver mail directly (as opposed to forwarding every email to your ISP), then your public IP must have a reverse dns entry (PTR record).   The mail server you are sending to may additionally require that your forward record match (your IP's main host name).

You need to deal with your ISP on this because they are in control over your reverse dns entries.  You may have a tool that your ISP provided as well that lets you set the reverse host name.

An alternative is to set up all outgoing emails to go through your ISP's mail server.  (called smart host or forwarding)

LVL 14

Expert Comment

ID: 24856455
A PTR record exists in a Reverse DNS zone, not in a Forward DNS zone.  The pic above doesn't say much about whether your organization's mail server has a PTR record or not.  
Go to this site:
Plug in your mail server's public IP address, and see if there is a valid, non-generic Reverse DNS record or not

Have your ISP create a PTR record for the (public) IP address that your email server uses when it sends mail.  

(If you send outgoing mail through a smart host, then yell at the smart host provider, and have them create a PTR record for their server)
LVL 11

Accepted Solution

tmeunier earned 500 total points
ID: 24856457
Yes, this DNS zone is sort of messed up.  You have CNAMEd over to MX8.whatever.messagelabs.  That isn't correct, unless is actually the exact identical public IP address, exact identical server, as MX8.whatever.messagelabs.   Since Message Labs is capable of sending your mail to you, I know that has a fixed public IP address. Use this as an "A" record, and remove the CNAME.  Then, let's say that this IP address is  You need to go to your ISP (unless you've been delegated reverse DNS) and tell them you need them to create the PTR record as follows:   IN    PTR

There is no reason I can see to have your actual mail host CNAMEd to Message Labs' MX.

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!


Author Closing Comment

ID: 31603588
I have asked my ISP to add the PTR record. it looks like it's working. thank you

Author Comment

ID: 25030603
I have asked my ISP to add the PTR record for to point to and i have used to check and it's valid. I've waited for 1 week for all the DNS in the world to replicate across but the email still bounce back with the same error message "Your message did not reach some or all of the intended recipients.

      Subject:      test
      Sent:      6/08/2009 4:14 PM

The following recipient(s) cannot be reached: on 6/08/2009 4:14 PM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            < #5.5.0 smtp;554 This server requires PTR for unauthenticated connections.>"

Have I missed something? or did I do anything incorrectly?  

LVL 14

Expert Comment

ID: 25030671
Well, it certainly looks like you've done everything right.

Your DNS A Record, and PTR record look good.
LVL 11

Expert Comment

ID: 25032655
Indeed they look good.  You may need to wait 24 hours from the time the PTR was created, if that mail host ( had cached whatever placeholder the ISP had there before.

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
how to add IIS SMTP to handle application/Scanner relays into office 365.

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question