troubleshooting Question
550 Host unknown
asked on
I have built a Linux Fedora 12 box as a MTA for the company to facilitate a new Exchange
server that is on the inside network. The MTA is siting on the DMZ and can ping the Exchange
server and visa versa. When I try to send mail to the test account which is setup on the exchange
server, I get the follwoing error:
----- The following addresses had permanent fatal errors ----- <techadmin@CompanyDomain.b
(reason: 550 Host unknown)
I have used every tool and test that I can think of or find, and I cannot fathom why this error
exist or continue to.The company has a Bonded T1 service from Covad. I called and spoke to them
about this but they had no real answer except to buy more services and had over the in house mail
operation. I included their smtp information in the "Smart Host" section of the Sendamil config file.
I have tried to be as comprehensive as possible so that I can get an answer as quick as possible,
without fraustrating you guys and myself. I was also able to telnet to the MTA via
"telnet mail.CompanyDoamin.biz 25"
Would someone please give me a hand with this?
Here are the results of all the tests:
==========================
nslookup results
nslookup mail.CompanyDomain.biz
Non-authoritative answer:
Name: mail.companydomain.biz
Address: w.x.y.z
==========================
More nslookup results
> set type=mx
> companydoamin.biz
Server: inside-DNS.company.local
Address: 10.x.x.x
Non-authoritative answer:
CompanyDomain.biz MX preference = 0, mail exchanger = mail.CompanyDomain.biz
CompanyDomain.biz nameserver = ns31.domaincontrol.com
CompanyDomain.biz nameserver = ns32.domaincontrol.com
mail.CompanyDomain.biz internet address = w.x.y.z
>
==========================
--DNS Records SPF Text value--
v=spf1 a mx ptr mx:w.x.y.z ip4:w.x.y.z-all
==========================
--DNS A Record--
mail w.x.y.z
--DNS MX Record--
0 @ mail.CompanyDomain.biz
==========================
--output from SMTP Diag via mxtoolbox.com--
220 mail.CompanyDomain.biz ESMTP Sendmail 8.14.3/8.14.3; Sat, 13 Feb 2010 22:34:54 -0600
Not an open relay.
0 seconds - Good on Connection time
0.094 seconds - Good on Transaction time
OK - 74.3.82.27 resolves to
Warning - Reverse DNS does not match SMTP Banner
Session Transcript:
HELO please-read-policy.mxtoolb
250 mail.CompanyDomain.biz Hello recover.mxtoolbox.com [64.20.227.133] (may be forged), pleased to meet you [31 ms]
MAIL FROM: <supertool@mxtoolbox.com>
250 2.1.0 <supertool@mxtoolbox.com>.
RCPT TO: <test@example.com>
550 5.7.1 <test@example.com>... Relaying denied. IP name possibly forged [64.20.227.133] [31 ms]
QUIT
221 2.0.0 mail.CompanyDomain.biz closing connection [16 ms]
==========================
--Port Scan via mxtoolbox.com
25 smtp Success 31 ms
These ports were closed:
21 ftp Timeout 0 ms
22 ssh Timeout 0 ms
23 telnet Timeout 0 ms
53 dns Timeout 0 ms
80 http Timeout 0 ms
110 pop3 Timeout 0 ms
143 imap Timeout 0 ms
139 netbios Timeout 0 ms
389 ldap Timeout 0 ms
443 https Timeout 0 ms
587 msa-outlook Timeout 0 ms
1433 sql server Timeout 0 ms
3306 my sql Timeout 0 ms
3389 remote desktop Timeout 0 ms
8080 webcache Timeout 0 ms
==========================
--Result from verify-email.org--
Result: Ok
Log:
MX record about CompanyDomain.biz exists.
Connection succeeded to mail.CompanyDomain.biz SMTP.
220 mail.CompanyDomain.biz ESMTP Sendmail 8.14.3/8.14.3; Sun, 14 Feb 2010 21:14:11 -0600
> HELO verify-email.org
250 mail.CompanyDomain.biz Hello web409.opentransfer.com [98.130.2.11], pleased to meet you
> MAIL FROM: <check@verify-email.org>
=250 2.1.0 <check@verify-email.org>..
> RCPT TO: <techadmin@CompanyDomain.b
=250 2.1.5 <techadmin@CompanyDomain.b
==========================
--Results from DNS Watch.info--
Searching for mail.CompanyDomain.biz. A record at G.ROOT-SERVERS.NET. [192.112.36.4] ...took 31 ms
Searching for mail.CompanyDomain.biz. A record at B.GTLD.biz. [209.173.57.162] ...took 120 ms
Searching for NS32.DOMAINCONTROL.COM. A record at H.ROOT-SERVERS.NET. [128.63.2.53] ...took 95 ms
Searching for NS32.DOMAINCONTROL.COM. A record at g.gtld-servers.net. [192.42.93.30] ...took 165 ms
Searching for mail.CompanyDomain.biz. A record at NS32.DOMAINCONTROL.COM. [208.109.255.16] ...took 92 ms
==========================
---Partial SendMail config---
dnl # Uncomment and edit the following line if your outgoing mail needs to
Other dnl # be sent out through an external mail server:
Other dnl #
Other dnl define(`SMART_HOST', `smtp.covad.net')dnl
Other dnl #
Define define(`confDEF_USER_ID', ``8:12'')dnl
Other dnl define(`confAUTO_REBUILD')
Define define(`confTO_CONNECT', `1m')dnl
Define define(`confTRY_NULL_MX_LI
Define define(`confDONT_PROBE_INT
Define define(`PROCMAIL_MAILER_PA
Define define(`ALIAS_FILE', `/etc/aliases')dnl
Define define(`STATUS_FILE', `/var/log/mail/statistics'
Define define(`UUCP_MAILER_MAX', `2000000')dnl
Define define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
Define define(`confPRIVACY_FLAGS'
Define define(`confAUTH_OPTIONS',
==========================
NOTE THE "SMART_HOST" section in the sendmail config above.
Thanks in Advance
server that is on the inside network. The MTA is siting on the DMZ and can ping the Exchange
server and visa versa. When I try to send mail to the test account which is setup on the exchange
server, I get the follwoing error:
----- The following addresses had permanent fatal errors ----- <techadmin@CompanyDomain.b
(reason: 550 Host unknown)
I have used every tool and test that I can think of or find, and I cannot fathom why this error
exist or continue to.The company has a Bonded T1 service from Covad. I called and spoke to them
about this but they had no real answer except to buy more services and had over the in house mail
operation. I included their smtp information in the "Smart Host" section of the Sendamil config file.
I have tried to be as comprehensive as possible so that I can get an answer as quick as possible,
without fraustrating you guys and myself. I was also able to telnet to the MTA via
"telnet mail.CompanyDoamin.biz 25"
Would someone please give me a hand with this?
Here are the results of all the tests:
==========================
nslookup results
nslookup mail.CompanyDomain.biz
Non-authoritative answer:
Name: mail.companydomain.biz
Address: w.x.y.z
==========================
More nslookup results
> set type=mx
> companydoamin.biz
Server: inside-DNS.company.local
Address: 10.x.x.x
Non-authoritative answer:
CompanyDomain.biz MX preference = 0, mail exchanger = mail.CompanyDomain.biz
CompanyDomain.biz nameserver = ns31.domaincontrol.com
CompanyDomain.biz nameserver = ns32.domaincontrol.com
mail.CompanyDomain.biz internet address = w.x.y.z
>
==========================
--DNS Records SPF Text value--
v=spf1 a mx ptr mx:w.x.y.z ip4:w.x.y.z-all
==========================
--DNS A Record--
mail w.x.y.z
--DNS MX Record--
0 @ mail.CompanyDomain.biz
==========================
--output from SMTP Diag via mxtoolbox.com--
220 mail.CompanyDomain.biz ESMTP Sendmail 8.14.3/8.14.3; Sat, 13 Feb 2010 22:34:54 -0600
Not an open relay.
0 seconds - Good on Connection time
0.094 seconds - Good on Transaction time
OK - 74.3.82.27 resolves to
Warning - Reverse DNS does not match SMTP Banner
Session Transcript:
HELO please-read-policy.mxtoolb
250 mail.CompanyDomain.biz Hello recover.mxtoolbox.com [64.20.227.133] (may be forged), pleased to meet you [31 ms]
MAIL FROM: <supertool@mxtoolbox.com>
250 2.1.0 <supertool@mxtoolbox.com>.
RCPT TO: <test@example.com>
550 5.7.1 <test@example.com>... Relaying denied. IP name possibly forged [64.20.227.133] [31 ms]
QUIT
221 2.0.0 mail.CompanyDomain.biz closing connection [16 ms]
==========================
--Port Scan via mxtoolbox.com
25 smtp Success 31 ms
These ports were closed:
21 ftp Timeout 0 ms
22 ssh Timeout 0 ms
23 telnet Timeout 0 ms
53 dns Timeout 0 ms
80 http Timeout 0 ms
110 pop3 Timeout 0 ms
143 imap Timeout 0 ms
139 netbios Timeout 0 ms
389 ldap Timeout 0 ms
443 https Timeout 0 ms
587 msa-outlook Timeout 0 ms
1433 sql server Timeout 0 ms
3306 my sql Timeout 0 ms
3389 remote desktop Timeout 0 ms
8080 webcache Timeout 0 ms
==========================
--Result from verify-email.org--
Result: Ok
Log:
MX record about CompanyDomain.biz exists.
Connection succeeded to mail.CompanyDomain.biz SMTP.
220 mail.CompanyDomain.biz ESMTP Sendmail 8.14.3/8.14.3; Sun, 14 Feb 2010 21:14:11 -0600
> HELO verify-email.org
250 mail.CompanyDomain.biz Hello web409.opentransfer.com [98.130.2.11], pleased to meet you
> MAIL FROM: <check@verify-email.org>
=250 2.1.0 <check@verify-email.org>..
> RCPT TO: <techadmin@CompanyDomain.b
=250 2.1.5 <techadmin@CompanyDomain.b
==========================
--Results from DNS Watch.info--
Searching for mail.CompanyDomain.biz. A record at G.ROOT-SERVERS.NET. [192.112.36.4] ...took 31 ms
Searching for mail.CompanyDomain.biz. A record at B.GTLD.biz. [209.173.57.162] ...took 120 ms
Searching for NS32.DOMAINCONTROL.COM. A record at H.ROOT-SERVERS.NET. [128.63.2.53] ...took 95 ms
Searching for NS32.DOMAINCONTROL.COM. A record at g.gtld-servers.net. [192.42.93.30] ...took 165 ms
Searching for mail.CompanyDomain.biz. A record at NS32.DOMAINCONTROL.COM. [208.109.255.16] ...took 92 ms
==========================
---Partial SendMail config---
dnl # Uncomment and edit the following line if your outgoing mail needs to
Other dnl # be sent out through an external mail server:
Other dnl #
Other dnl define(`SMART_HOST', `smtp.covad.net')dnl
Other dnl #
Define define(`confDEF_USER_ID', ``8:12'')dnl
Other dnl define(`confAUTO_REBUILD')
Define define(`confTO_CONNECT', `1m')dnl
Define define(`confTRY_NULL_MX_LI
Define define(`confDONT_PROBE_INT
Define define(`PROCMAIL_MAILER_PA
Define define(`ALIAS_FILE', `/etc/aliases')dnl
Define define(`STATUS_FILE', `/var/log/mail/statistics'
Define define(`UUCP_MAILER_MAX', `2000000')dnl
Define define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
Define define(`confPRIVACY_FLAGS'
Define define(`confAUTH_OPTIONS',
==========================
NOTE THE "SMART_HOST" section in the sendmail config above.
Thanks in Advance
Learn from the best
Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.
Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 4 Comments.
Try for 7 days”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.
Our community of experts have been thoroughly vetted for their expertise and industry experience.