Warning - Reverse DNS does not match SMTP Banner

When use mxtoolbox.com to check my company SMTP diag, show the message below:

smtp:mail.sportstoto.com.my     smtp    
220 MAILTOTO.stmsb.com.my ESMTP Service ready
 Not an open relay.
 0 seconds - Good on Connection time
 1.747 seconds - Good on Transaction time
 OK - 60.48.235.101 resolves to
 Warning - Reverse DNS does not match SMTP Banner

Go thru the existing post, refer to below link
http://demazter.wordpress.com/2010/02/09/exchange-dns-configuration/

Found that my Exchange 2007 Server Configuration-->Hub Transport FQDN is set MAILTOTO.stmsb.com.my instead of mail.sportstoto.com.my

The Exchange 2007 Server not allow me set back mail.sportstoto.com.my and show the below message:
--------------------------------------------------------
Microsoft Exchange Error
--------------------------------------------------------
The following error(s) occurred while saving changes:

set-receiveconnector
Failed
Error:
When the AuthMechanism parameter on a Receive connector is set to the value ExchangeServer, you must set the FQDN parameter on the Receive connector to one of the following values: the FQDN of the transport server "MAILTOTO.stmsb.com.my", the NetBIOS name of the transport server "MAILTOTO", or $null.

The NetBIOS for this server is "MAILTOTO.stmsb.com.my".

In this situation, have any solution to solve it?
Changing the NetBIOS, it this will causes any problem? like loss communication with AD?

If remain this setting, any problem on the SEND and RECEIVE email?

Thank You
STMSBAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Alan HardistyCo-OwnerCommented:
With Exchange 2007 you have a Send connector and a Receive connector.  You need to be changing the Send connector not the Receive connector. You can pretty much ignore the receive connector as this will only affect you receiving and servers don't really care what you call yourselves when they ar sending to you, they only care when you are sending to them to verify you are who you claim you are.
 
0
Alan HardistyCo-OwnerCommented:
Also, you do not have Reverse DNS setup on your domain at all.  You need to call your ISP and ask them to set this up for you.
Currently I cannot connect to your mail server, so you are either restricting your inbound IP Addresses, or you have problems.
0
STMSBAuthor Commented:
It mean that my Exchange Server setting is ok...Need to check with the ISP Reverse DNS setting.

By the way, my company is using 2 diffirent ISP line & the MX record as below:
1. 60.48.235.101   mail.sportstoto.com.my  10
2. 202.162.23.51   mail.sportstoto.com.my  10

We are using firewall to round-robin the connection. It this setting is a pratical or have any con?
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Glen KnightCommented:
I have an article here that explains how your DNS should be configured: http://www.experts-exchange.com/articles/Software/Server_Software/Email_Servers/Exchange/Exchange-DNS-Configuration.html
If you find the article useful please vote for it :)

demazter
0
Alan HardistyCo-OwnerCommented:
You need to set both IP's up as MX records if that is the case.  You also need to make sure you have Reverse DNS setup on both IP Addresses too.
If you have SPF (Sender Policy Framework) setup in your DNS records, you will also need to make sure you specify both IP's in the record otherwise some people will reject you.  If you don't have SPF setup, then that should not be a problem.
Not sure exactly if your round-robin aproach will work technically as I have yet to try this method out, but maybe Demazter has seen this before?
 
0
Glen KnightCommented:
>>When the AuthMechanism parameter on a Receive connector is set to the value ExchangeServer, you must set the FQDN parameter on the Receive connector to one of the following values: the FQDN of the transport server "MAILTOTO.stmsb.com.my", the NetBIOS name of the transport server "MAILTOTO", or $null.

This is because of the permission and authentication groups you have on your receive connector, is this the only Hub Transport role? If so then you only need anonymouse access under permission groups and TLS ticked under authentication.

Once you have done this you will be able to change the FQDN#

Although as alanhardisty has said this isn't REALLY required it's just nice for completeness and to remove the errors on DNS lookups :)

0
STMSBAuthor Commented:
I has send email to my ISP. Waiting the reply.

As i know, changing the NetBIOS & FQDN may causes the connectivity problem. I not dare to change it.

 
0
STMSBAuthor Commented:
Checked and confirm the ISP has been set the Reverse DNS for us
1. 60.48.235.101   mail.sportstoto.com.my
2. 202.162.23.51   mail.sportstoto.com.my

In this case, have any impact if not resolve this Warning message?


0
Jian An LimSolutions ArchitectCommented:
in order to set back

goto your send connector and untick exchange server authentication (if you only have 1 exchange 2007)

then you should able to change your settings

0
Alan HardistyCo-OwnerCommented:
Sorry - back again.  Been busy with customers / Bank Holidays.
Your MX record points to mail.sportstoto.com which points to IP 202.162.23.54 and the Reverse DNS on that IP is missing.
This is what needs to be resolved if you don't change your IP Address.
 
0
STMSBAuthor Commented:
Hi alanhardisty,
How do you get my MX record is point to 202.162.23.54?
My MX record is not point to 202.162.23.54, is point to 202.162.23.51, as i mention above.
0
Alan HardistyCo-OwnerCommented:
0
STMSBAuthor Commented:
Hi alanhardisty,
My valid MX record is mail.sportstoto.com.my, not a sportstoto.com.
0
Alan HardistyCo-OwnerCommented:
Running a Domain report on sportstoto.com shows the following:
Your 1 MX record is:

10 mail.sportstoto.com. [TTL=3600] IP=202.162.23.54 [TTL=3600] [MY]
I don't know what you are looking at, but the rest of the world is seeing your MX record as above, not .51.
I think you are setting up your Domain's DNS records incorrectly if you are trying to get .51 as your MX record.
0
STMSBAuthor Commented:
We are using sportstoto.com.my domain. Of course cannot resolved the sportstoto.com.
The easy way to explain, why not you try mail.sportstoto.com.my? or try resolved 202.162.23.51?

 I not understand why you focus on this wrong domain. As we understand, the .com & .com.my is a total difference domain.



0
Jian An LimSolutions ArchitectCommented:
i cut it short here.

As long as your email is flowing without problem, there is no REAL impact of having it wrong, except some of the spamming software might detect and reject your email.

thats why, mxtoolbox warn you the potential. It really depends on who you deal with.


===========

so, in order to fix this,
you need to change your Hub Transport FQDN to mail.sportstoto.com.my

why you cannot change? because one of the authentication method - exchange server is ticked
if you unticked that type of authentication, you should able to change the FQDN without problem.

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Alan HardistyCo-OwnerCommented:
Sorry - I don't know why I was not seeing mail.sportstoto.com.my - I have never seen a .my domain before and was somehow ignoring it : )
All seems well with that domain and the IP is pointing to the correct MX record and rDNS is correct.
0
STMSBAuthor Commented:
Finally solved this problem from 'limjianan' comment.
And also thanks for 'alanhardisty'
This case can close.

Thank You
0
Jian An LimSolutions ArchitectCommented:
cool.
please accept the answer as accepted answer and there you go :)

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft DOS

From novice to tech pro — start learning today.