This server requires PTR for unauthenticated connections

Posted on 2009-07-14
Last Modified: 2012-05-07
I'm having this PTR problem when sending to this one particular domain. The the problem happens very intermittently. Sometimes the email would send through but other times it bounces back "The following recipient(s) could not be reached: on 3/07/2009 8:41 AM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            < #5.5.0 smtp;554 This server requires PTR for unauthenticated connections.>"
I'm running exchange 2003 internally but our MX records are pointed to messagelabs to do spam filtering (please see attachment for my dns setting). I'm able to send/receive emails from everyone else but this particular domain. What should i do to resolve this problem?  
Question by:hvle
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
LVL 12

Expert Comment

ID: 24856441
The problem is not your MX nor anything to do with your incoming mail server.

It has to do with your outgoing server.  If you're using Exchange to deliver mail directly (as opposed to forwarding every email to your ISP), then your public IP must have a reverse dns entry (PTR record).   The mail server you are sending to may additionally require that your forward record match (your IP's main host name).

You need to deal with your ISP on this because they are in control over your reverse dns entries.  You may have a tool that your ISP provided as well that lets you set the reverse host name.

An alternative is to set up all outgoing emails to go through your ISP's mail server.  (called smart host or forwarding)

LVL 14

Expert Comment

ID: 24856455
A PTR record exists in a Reverse DNS zone, not in a Forward DNS zone.  The pic above doesn't say much about whether your organization's mail server has a PTR record or not.  
Go to this site:
Plug in your mail server's public IP address, and see if there is a valid, non-generic Reverse DNS record or not

Have your ISP create a PTR record for the (public) IP address that your email server uses when it sends mail.  

(If you send outgoing mail through a smart host, then yell at the smart host provider, and have them create a PTR record for their server)
LVL 11

Accepted Solution

tmeunier earned 500 total points
ID: 24856457
Yes, this DNS zone is sort of messed up.  You have CNAMEd over to MX8.whatever.messagelabs.  That isn't correct, unless is actually the exact identical public IP address, exact identical server, as MX8.whatever.messagelabs.   Since Message Labs is capable of sending your mail to you, I know that has a fixed public IP address. Use this as an "A" record, and remove the CNAME.  Then, let's say that this IP address is  You need to go to your ISP (unless you've been delegated reverse DNS) and tell them you need them to create the PTR record as follows:   IN    PTR

There is no reason I can see to have your actual mail host CNAMEd to Message Labs' MX.

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now


Author Closing Comment

ID: 31603588
I have asked my ISP to add the PTR record. it looks like it's working. thank you

Author Comment

ID: 25030603
I have asked my ISP to add the PTR record for to point to and i have used to check and it's valid. I've waited for 1 week for all the DNS in the world to replicate across but the email still bounce back with the same error message "Your message did not reach some or all of the intended recipients.

      Subject:      test
      Sent:      6/08/2009 4:14 PM

The following recipient(s) cannot be reached: on 6/08/2009 4:14 PM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            < #5.5.0 smtp;554 This server requires PTR for unauthenticated connections.>"

Have I missed something? or did I do anything incorrectly?  

LVL 14

Expert Comment

ID: 25030671
Well, it certainly looks like you've done everything right.

Your DNS A Record, and PTR record look good.
LVL 11

Expert Comment

ID: 25032655
Indeed they look good.  You may need to wait 24 hours from the time the PTR was created, if that mail host ( had cached whatever placeholder the ISP had there before.

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
Read this checklist to learn more about the 15 things you should never include in an email signature.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question