?
Solved

Warning - Reverse DNS does not match SMTP Banner

Posted on 2010-03-25
20
Medium Priority
?
949 Views
Last Modified: 2012-05-09
When use mxtoolbox.com to check my company SMTP diag, show the message below:

smtp:mail.sportstoto.com.my     smtp    
220 MAILTOTO.stmsb.com.my ESMTP Service ready
 Not an open relay.
 0 seconds - Good on Connection time
 1.747 seconds - Good on Transaction time
 OK - 60.48.235.101 resolves to
 Warning - Reverse DNS does not match SMTP Banner

Go thru the existing post, refer to below link
http://demazter.wordpress.com/2010/02/09/exchange-dns-configuration/

Found that my Exchange 2007 Server Configuration-->Hub Transport FQDN is set MAILTOTO.stmsb.com.my instead of mail.sportstoto.com.my

The Exchange 2007 Server not allow me set back mail.sportstoto.com.my and show the below message:
--------------------------------------------------------
Microsoft Exchange Error
--------------------------------------------------------
The following error(s) occurred while saving changes:

set-receiveconnector
Failed
Error:
When the AuthMechanism parameter on a Receive connector is set to the value ExchangeServer, you must set the FQDN parameter on the Receive connector to one of the following values: the FQDN of the transport server "MAILTOTO.stmsb.com.my", the NetBIOS name of the transport server "MAILTOTO", or $null.

The NetBIOS for this server is "MAILTOTO.stmsb.com.my".

In this situation, have any solution to solve it?
Changing the NetBIOS, it this will causes any problem? like loss communication with AD?

If remain this setting, any problem on the SEND and RECEIVE email?

Thank You
0
Comment
Question by:STMSB
  • 7
  • 7
  • 3
  • +1
19 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 28531851
With Exchange 2007 you have a Send connector and a Receive connector.  You need to be changing the Send connector not the Receive connector. You can pretty much ignore the receive connector as this will only affect you receiving and servers don't really care what you call yourselves when they ar sending to you, they only care when you are sending to them to verify you are who you claim you are.
 
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 28532056
Also, you do not have Reverse DNS setup on your domain at all.  You need to call your ISP and ask them to set this up for you.
Currently I cannot connect to your mail server, so you are either restricting your inbound IP Addresses, or you have problems.
0
 

Author Comment

by:STMSB
ID: 28532719
It mean that my Exchange Server setting is ok...Need to check with the ISP Reverse DNS setting.

By the way, my company is using 2 diffirent ISP line & the MX record as below:
1. 60.48.235.101   mail.sportstoto.com.my  10
2. 202.162.23.51   mail.sportstoto.com.my  10

We are using firewall to round-robin the connection. It this setting is a pratical or have any con?
0
Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

 
LVL 74

Expert Comment

by:Glen Knight
ID: 28532828
I have an article here that explains how your DNS should be configured: http://www.experts-exchange.com/articles/Software/Server_Software/Email_Servers/Exchange/Exchange-DNS-Configuration.html
If you find the article useful please vote for it :)

demazter
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 28533878
You need to set both IP's up as MX records if that is the case.  You also need to make sure you have Reverse DNS setup on both IP Addresses too.
If you have SPF (Sender Policy Framework) setup in your DNS records, you will also need to make sure you specify both IP's in the record otherwise some people will reject you.  If you don't have SPF setup, then that should not be a problem.
Not sure exactly if your round-robin aproach will work technically as I have yet to try this method out, but maybe Demazter has seen this before?
 
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 28534093
>>When the AuthMechanism parameter on a Receive connector is set to the value ExchangeServer, you must set the FQDN parameter on the Receive connector to one of the following values: the FQDN of the transport server "MAILTOTO.stmsb.com.my", the NetBIOS name of the transport server "MAILTOTO", or $null.

This is because of the permission and authentication groups you have on your receive connector, is this the only Hub Transport role? If so then you only need anonymouse access under permission groups and TLS ticked under authentication.

Once you have done this you will be able to change the FQDN#

Although as alanhardisty has said this isn't REALLY required it's just nice for completeness and to remove the errors on DNS lookups :)

0
 

Author Comment

by:STMSB
ID: 28934941
I has send email to my ISP. Waiting the reply.

As i know, changing the NetBIOS & FQDN may causes the connectivity problem. I not dare to change it.

 
0
 

Author Comment

by:STMSB
ID: 29159462
Checked and confirm the ISP has been set the Reverse DNS for us
1. 60.48.235.101   mail.sportstoto.com.my
2. 202.162.23.51   mail.sportstoto.com.my

In this case, have any impact if not resolve this Warning message?


0
 
LVL 38

Expert Comment

by:Jian An Lim
ID: 29509934
in order to set back

goto your send connector and untick exchange server authentication (if you only have 1 exchange 2007)

then you should able to change your settings

0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 29573309
Sorry - back again.  Been busy with customers / Bank Holidays.
Your MX record points to mail.sportstoto.com which points to IP 202.162.23.54 and the Reverse DNS on that IP is missing.
This is what needs to be resolved if you don't change your IP Address.
 
0
 

Author Comment

by:STMSB
ID: 29989848
Hi alanhardisty,
How do you get my MX record is point to 202.162.23.54?
My MX record is not point to 202.162.23.54, is point to 202.162.23.51, as i mention above.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 29996177
0
 

Author Comment

by:STMSB
ID: 29996520
Hi alanhardisty,
My valid MX record is mail.sportstoto.com.my, not a sportstoto.com.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 29997336
Running a Domain report on sportstoto.com shows the following:
Your 1 MX record is:

10 mail.sportstoto.com. [TTL=3600] IP=202.162.23.54 [TTL=3600] [MY]
I don't know what you are looking at, but the rest of the world is seeing your MX record as above, not .51.
I think you are setting up your Domain's DNS records incorrectly if you are trying to get .51 as your MX record.
0
 

Author Comment

by:STMSB
ID: 29998604
We are using sportstoto.com.my domain. Of course cannot resolved the sportstoto.com.
The easy way to explain, why not you try mail.sportstoto.com.my? or try resolved 202.162.23.51?

 I not understand why you focus on this wrong domain. As we understand, the .com & .com.my is a total difference domain.



0
 
LVL 38

Accepted Solution

by:
Jian An Lim earned 2000 total points
ID: 30006048
i cut it short here.

As long as your email is flowing without problem, there is no REAL impact of having it wrong, except some of the spamming software might detect and reject your email.

thats why, mxtoolbox warn you the potential. It really depends on who you deal with.


===========

so, in order to fix this,
you need to change your Hub Transport FQDN to mail.sportstoto.com.my

why you cannot change? because one of the authentication method - exchange server is ticked
if you unticked that type of authentication, you should able to change the FQDN without problem.

0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 30065332
Sorry - I don't know why I was not seeing mail.sportstoto.com.my - I have never seen a .my domain before and was somehow ignoring it : )
All seems well with that domain and the IP is pointing to the correct MX record and rDNS is correct.
0
 

Author Comment

by:STMSB
ID: 30158632
Finally solved this problem from 'limjianan' comment.
And also thanks for 'alanhardisty'
This case can close.

Thank You
0
 
LVL 38

Expert Comment

by:Jian An Lim
ID: 30161507
cool.
please accept the answer as accepted answer and there you go :)

0

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are literally thousands of Exchange recovery applications out there. So how do you end up picking one that’s ideal for your business & purpose? By carefully scouting the product’s features, the benefits it offers you, & reading ample reviews f…
The Exchange database may sometimes fail to mount owing to various technical reasons. A dismounted EDB file can be the source of many Exchange errors including mailbox inaccessibility for users. Resolving the root cause of mounting problems becomes …
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
In this video I will demonstrate how to set up Nine, which I now consider the best alternative email app to Touchdown.

601 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question