STMSB

Warning - Reverse DNS does not match SMTP Banner

When I use mxtoolbox.com to run an SMTP diagnostic on my company's server, it shows the message below:

smtp:mail.sportstoto.com.my     smtp    
220 MAILTOTO.stmsb.com.my ESMTP Service ready
 Not an open relay.
 0 seconds - Good on Connection time
 1.747 seconds - Good on Transaction time
 OK - 60.48.235.101 resolves to
 Warning - Reverse DNS does not match SMTP Banner

I went through the existing posts and referred to the link below:
http://demazter.wordpress.com/2010/02/09/exchange-dns-configuration/

I found that my Exchange 2007 Server Configuration --> Hub Transport FQDN is set to MAILTOTO.stmsb.com.my instead of mail.sportstoto.com.my.

The Exchange 2007 server does not allow me to set it back to mail.sportstoto.com.my and shows the message below:
--------------------------------------------------------
Microsoft Exchange Error
--------------------------------------------------------
The following error(s) occurred while saving changes:

set-receiveconnector
Failed
Error:
When the AuthMechanism parameter on a Receive connector is set to the value ExchangeServer, you must set the FQDN parameter on the Receive connector to one of the following values: the FQDN of the transport server "MAILTOTO.stmsb.com.my", the NetBIOS name of the transport server "MAILTOTO", or $null.

The NetBIOS for this server is "MAILTOTO.stmsb.com.my".

In this situation, is there any solution?
Will changing the NetBIOS name cause any problems, like loss of communication with AD?

If this setting remains, will there be any problem sending and receiving email?

Thank You
Alan Hardisty

With Exchange 2007 you have a Send connector and a Receive connector.  You need to be changing the Send connector, not the Receive connector. You can pretty much ignore the Receive connector as this will only affect you receiving, and servers don't really care what you call yourselves when they are sending to you; they only care when you are sending to them, to verify you are who you claim you are.

Also, you do not have Reverse DNS set up on your domain at all.  You need to call your ISP and ask them to set this up for you.
Currently I cannot connect to your mail server, so you are either restricting your inbound IP addresses, or you have problems.
STMSB

ASKER

It means that my Exchange Server setting is OK... I need to check the Reverse DNS setting with the ISP.

By the way, my company is using 2 different ISP lines, and the MX records are as below:
1. 60.48.235.101   mail.sportstoto.com.my  10
2. 202.162.23.51   mail.sportstoto.com.my  10

We are using the firewall to round-robin the connections. Is this setting practical, or does it have any cons?
I have an article here that explains how your DNS should be configured: https://www.experts-exchange.com/articles/Software/Server_Software/Email_Servers/Exchange/Exchange-DNS-Configuration.html
If you find the article useful please vote for it :)

demazter
You need to set both IPs up as MX records if that is the case.  You also need to make sure you have Reverse DNS set up on both IP addresses too.
If you have SPF (Sender Policy Framework) set up in your DNS records, you will also need to make sure you specify both IPs in the record, otherwise some people will reject you.  If you don't have SPF set up, then that should not be a problem.
Not sure exactly if your round-robin approach will work technically as I have yet to try this method out, but maybe Demazter has seen this before?
 
>>When the AuthMechanism parameter on a Receive connector is set to the value ExchangeServer, you must set the FQDN parameter on the Receive connector to one of the following values: the FQDN of the transport server "MAILTOTO.stmsb.com.my", the NetBIOS name of the transport server "MAILTOTO", or $null.

This is because of the permission and authentication groups you have on your receive connector. Is this the only Hub Transport role? If so, then you only need anonymous access under permission groups and TLS ticked under authentication.

Once you have done this you will be able to change the FQDN.

Although as alanhardisty has said this isn't REALLY required it's just nice for completeness and to remove the errors on DNS lookups :)

STMSB

ASKER

I have sent an email to my ISP and am waiting for the reply.

As far as I know, changing the NetBIOS & FQDN may cause connectivity problems. I dare not change it.

 
STMSB

ASKER

Checked and confirmed that the ISP has set the Reverse DNS for us:
1. 60.48.235.101   mail.sportstoto.com.my
2. 202.162.23.51   mail.sportstoto.com.my

In this case, is there any impact if this Warning message is not resolved?


In order to set it back:

Go to your send connector and untick Exchange Server authentication (if you only have 1 Exchange 2007).

Then you should be able to change your settings.

Sorry - back again.  Been busy with customers / Bank Holidays.
Your MX record points to mail.sportstoto.com which points to IP 202.162.23.54 and the Reverse DNS on that IP is missing.
This is what needs to be resolved if you don't change your IP Address.
 
STMSB

ASKER

Hi alanhardisty,
How did you get that my MX record points to 202.162.23.54?
My MX record does not point to 202.162.23.54; it points to 202.162.23.51, as I mentioned above.
STMSB

ASKER

Hi alanhardisty,
My valid MX record is mail.sportstoto.com.my, not sportstoto.com.
Running a Domain report on sportstoto.com shows the following:
Your 1 MX record is:

10 mail.sportstoto.com. [TTL=3600] IP=202.162.23.54 [TTL=3600] [MY]
I don't know what you are looking at, but the rest of the world is seeing your MX record as above, not .51.
I think you are setting up your Domain's DNS records incorrectly if you are trying to get .51 as your MX record.
STMSB

ASKER

We are using the sportstoto.com.my domain. Of course you cannot resolve sportstoto.com.
The easy way to explain: why don't you try mail.sportstoto.com.my, or try resolving 202.162.23.51?

I do not understand why you focus on this wrong domain. As we understand, .com & .com.my are totally different domains.



ASKER CERTIFIED SOLUTION
Jian An Lim
This solution is only available to members.
Sorry - I don't know why I was not seeing mail.sportstoto.com.my - I have never seen a .my domain before and was somehow ignoring it : )
All seems well with that domain and the IP is pointing to the correct MX record and rDNS is correct.
STMSB

ASKER

Finally solved this problem with the comment from 'limjianan'.
Also, thanks to 'alanhardisty'.
This case can be closed.

Thank You
Cool.
Please accept the answer as the accepted answer and there you go :)
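
The checks discussed in this thread (PTR present on every outbound IP, PTR forward-confirmed, SMTP banner matching the PTR name, and both IPs listed in SPF) can be run together as one audit. The following is an added example, not code from any poster in the thread; it takes already-resolved DNS answers as dictionaries so it runs offline, the SPF string is constructed for illustration, and only `ip4:` SPF mechanisms are considered.

```python
import ipaddress
import re

# Values quoted in the thread; the SPF string is constructed for illustration.
BANNER = "220 MAILTOTO.stmsb.com.my ESMTP Service ready"
SENDING_IPS = ["60.48.235.101", "202.162.23.51"]
PTR = {ip: ["mail.sportstoto.com.my."] for ip in SENDING_IPS}
A_RECORDS = {"mail.sportstoto.com.my": list(SENDING_IPS)}
SPF_CONSTRUCTED = "v=spf1 ip4:60.48.235.101 -all"


def banner_host(banner):
    """Return the host name announced in a 220 greeting, lower-cased."""
    m = re.match(r"220[ -](\S+)", banner.strip())
    if not m:
        raise ValueError("not a 220 SMTP greeting: %r" % banner)
    return m.group(1).rstrip(".").lower()


def spf_ip4_networks(spf):
    """Networks named by ip4: mechanisms (other mechanisms are ignored)."""
    return [ipaddress.ip_network(t[4:], strict=False)
            for t in spf.split() if t.lower().startswith("ip4:")]


def audit(banner, sending_ips, ptr, a_records, spf=None):
    """Return (ip, finding) pairs for each outbound IP.

    ptr maps IP -> PTR names, a_records maps host name -> IPs; both are
    passed in as already-resolved data so the check runs offline.
    """
    host = banner_host(banner)
    nets = spf_ip4_networks(spf) if spf else None
    findings = []
    for ip in sending_ips:
        names = [n.rstrip(".").lower() for n in ptr.get(ip, [])]
        if not names:
            findings.append((ip, "no-ptr"))
        else:
            if not any(ip in a_records.get(n, []) for n in names):
                findings.append((ip, "ptr-not-forward-confirmed"))
            if host not in names:
                findings.append((ip, "banner-mismatch"))
        if nets is not None and not any(ipaddress.ip_address(ip) in n for n in nets):
            findings.append((ip, "not-in-spf"))
    return findings


if __name__ == "__main__":
    for ip, finding in audit(BANNER, SENDING_IPS, PTR, A_RECORDS, SPF_CONSTRUCTED):
        print(ip, finding)
```

With the banner from the question, both IPs report `banner-mismatch`, and the constructed single-IP SPF record flags the second ISP line as `not-in-spf`.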