Orionreno
asked on
domain name is blocked from sending email to a small handful of other domains. Not on a blacklist.
Sent emails appear in the mailbox queue attempting to "retry". After 24 hours a message is sent to the internal sender saying, that is still trying to send. in 48 hours the message fails. This is happening on about 10% of our email and it is happening to the same domains. 90% of the email is being sent properly. I've checked blacklists repetedly and mxtoolbox says I'm ok with the exception of the diagnostics which says, "Warning - Reverse DNS does not match SMTP Banner".
This problem started 4/8/10
thanks for your help.
Chuck
This problem started 4/8/10
thanks for your help.
Chuck
Add these two records in your external DNS server and hopefully your troubles will go away:
1. PTR record for your Outgoing Mail Server.
2. SPF Record ( Always Nice to Have)
Can you please specify the domains to which you are not able to send email. It could be many reason but absence of Reverse DNS could be one of them since it is used for Sender ID filtering etc.
Hilal
1. PTR record for your Outgoing Mail Server.
2. SPF Record ( Always Nice to Have)
Can you please specify the domains to which you are not able to send email. It could be many reason but absence of Reverse DNS could be one of them since it is used for Sender ID filtering etc.
Hilal
Hello,
PaciB has the process and cause of your problem almost correct but not quite. The recipient's server is doing a reverse DNS lookup on the IP of your server. It is then comparing the DNS name returned for your IP to the hostname name you specified in your SMTP banner. In your case, they do not match.
You need to ensure three things are correct and all match up. First, that you have a revese DNS (PTR) record created for the IP of your sending mail server. Second, you need to ensure that you have an 'A' record for your sending mail server. The IP and hostname should match exactly between the two records. Third, the hostname specified in your SMTP banner should match the hostname you specified inthe DNS records.
JJ
PaciB has the process and cause of your problem almost correct but not quite. The recipient's server is doing a reverse DNS lookup on the IP of your server. It is then comparing the DNS name returned for your IP to the hostname name you specified in your SMTP banner. In your case, they do not match.
You need to ensure three things are correct and all match up. First, that you have a revese DNS (PTR) record created for the IP of your sending mail server. Second, you need to ensure that you have an 'A' record for your sending mail server. The IP and hostname should match exactly between the two records. Third, the hostname specified in your SMTP banner should match the hostname you specified inthe DNS records.
JJ
ASKER
Thanks to both for your replies!
When I do a reverse DNS lookup on mail.temperatsure.com (67.138.10.235) everything appears correct. I even went into the default SMTP Virtual Server Properties, Advanced delivery and changed my FQDN to mail.temperatsure.com from "server".temperatsure.com.
As for the domains not going through: donahue-corry.com, hotmail.com, pdspack.com, sentrybps.com, staples.com, unisourcelink.com, and verizon.com.
I changed my public IP a few months ago (November), and the ISP failed to put in the PTR record in, which they did about 3 days later. Everything has been working great up until 4/8/10.
I'm pulling out the little hair I have left!
Thanks again ofr all your help!
When I do a reverse DNS lookup on mail.temperatsure.com (67.138.10.235) everything appears correct. I even went into the default SMTP Virtual Server Properties, Advanced delivery and changed my FQDN to mail.temperatsure.com from "server".temperatsure.com.
As for the domains not going through: donahue-corry.com, hotmail.com, pdspack.com, sentrybps.com, staples.com, unisourcelink.com, and verizon.com.
I changed my public IP a few months ago (November), and the ISP failed to put in the PTR record in, which they did about 3 days later. Everything has been working great up until 4/8/10.
I'm pulling out the little hair I have left!
Thanks again ofr all your help!
The SMTP banner for your server is mail.temperatsure.local. You need to change the .local to .com
JJ
JJ
ASKER
jjmck,
Thanks for this,
I've read alot about the SMTP banner but to change it is very unclear to me. I went to support tools and ran ldp.exe. And honestly I have no idea where to make the necessary change to make the banner correct.
Thanks for this,
I've read alot about the SMTP banner but to change it is very unclear to me. I went to support tools and ran ldp.exe. And honestly I have no idea where to make the necessary change to make the banner correct.
Open ESM, expand your server - protocols - SMTP and open the Properties page for the Default SMTP Virtual Server. Go to the Delivery tab and click Advanced. In the Fully-qualified domain name field, enter mail.temperatsure.com
JJ
JJ
ASKER
jjmck,
I made the change in "advanced delivery" I cant believe that I missed the .local vs. .com.
How did you see that? I looked at mxtoolbox, dnsstuff, and a host of other sites without seeing the .local ?
I made the change in "advanced delivery" I cant believe that I missed the .local vs. .com.
How did you see that? I looked at mxtoolbox, dnsstuff, and a host of other sites without seeing the .local ?
You would not see the .local unless you telnet to your mail server, which is what I did. All your DNS records are correct, which is why the other tools showed everything was OK.
JJ
JJ
ASKER
Will the emails in Queue eventually send? Is there anything I need to do at this point (restart svcs, restart server etc)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
HUGE RELIEF!
Thanks jjmck. You made it easy!
Thanks jjmck. You made it easy!
This in a common error in a mail server configuration.
When your mail server delivers mails to remote destination mail servers a SMTP dialog occurs between the two parts. The dialog starts by a SMTP command "HELO mymaildomain.com" sent by the emitting serer to the receiving server.
In the command succeed, the SMTP dialog goes on with successives SMTP commands like "MAIL FROM:myuser@mymaildomain.c
To avoid forged e-mails from Internet spammers, some mail servers make a Reverse DNS check on the IP address of your server.
This means that just after you send the "HELO mymaildomain.com" the receiving server takes the IP address of your sending mail server and ask Internet DNS servers with a reverse query to obtain the DNS name matching this IP address (let's say the result is "mailserver1.mymaildomain.
After that, the receiving server takes the SMTP domain name your server gave in the HELO command (here it is "mymaildomain.com") and asks Internet DNS servers for the MX record for this name. Let's say the DNS servers answer is "mailserver1.mymaildomain.
As the MX record contains the name "mailserver1.mymaildomain.
If there's no matching between the name obtained in the MX record and the name obtained by the reverse DNs query the receiving server usually close immediatly the SMTP session and the delivery is aborted... you mail server then keep the outgoing mail in its delivry queue for a future retries. By default, after 48 hours of retries the mail is removed form the delivery queue and will not be delivered any more...
What probably cause your problem is that the DNS reverse record for your outgoing SMTP server is missing or is not matching the names in the MX record for your SMTP domain.
You have to check that and eventually make it fixed by your ISP.
Have a good day.