address 550 Sender verify failed SMTP Error

Hi Guys

A User was getting the below bounceback sending to some servers:

This is the mail system at host out03.mx.trendmicro.eu.

"I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                   The mail system

<xx@xx.com>: host mail.xx.com[x.x.x.x] said:
    550-Verification failed for <my@exchangeserver.com>
550-Unrouteable
    address 550 Sender verify failed (in reply to RCPT TO command) "

I initially thought it was a misconfigured SMTP smarthost so I Switched them over to Trend Micro hosted spam filtering (which includes outbound filtering via a smarthost) but they still get the same bounceback.

The server is SBS 2003 (which uses Exchange 2003), exchange is configured to forward all outbound e-mail to a smarthost (trend) which works fine for the most part, the virtual SMTP server is restricted to talking to only Trends servers if thats relevent.

I'm guessing theres something wrong with their domain/DNS but i've never seen this error, any ideas what to look for?

Thanks
Corp_JonesAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jamie McKillopIT ManagerCommented:
Hello,

Verify that the there is an MX record for "exchangeserver.com" and that the address "my@exchangeserver.com" exists.

JJ
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Corp_JonesAuthor Commented:
There is only one MX record which points to Trends servers (we need this that way so they filter the spam before sending it onto our server), the address definately exists.
0
shauncroucherCommented:
Do you have a SPF record for the domain? Does the SPF include the smarthost server for sending mail?

command prompt:

nslookup -q=txt example.com

Shaun
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Corp_JonesAuthor Commented:
Thanks Shaun, tried that for the problem domain and I got:

"*** No text (TXT) records available for mydomain.com" so it looks like there is no SPF record
0
Cris HannaSr IT Support EngineerCommented:
it would be really helpful to know the actual sending domain.
Who hosts the public DNS for the sending domain?  I suspect that there is no reverse look up for the public IP assigned to the SBS server.
One of the best tools out there is mxtoolbox.com
you can verify whether or not ptr records exist.   If no ptr record is configured...this is usually done by the ISP providing the static IP
0
itgrooveCommented:
Hey there, I'm sure you want to keep your domain private, so as we can't evaluate the problem for you by checking/doing lookups, try this tool at least, with your various domain name information and see if it points out anything obvious for you or for the party you are trying to work with send from/to.
http://www.mxtoolbox.com/SuperTool.aspx 
0
Peter HartCommented:
do you have 2 DSL lines going into your place?  one client had DSL load balancing and they gave 2 IP address that screwed with the mail servers who then suspect them of spamming
to check disable the load balencing of DSL (if you have that)
0
Corp_JonesAuthor Commented:
Domain is    foxclublondon.com

my understanding was that ptr records are not needed when using a smarthost. In this case I'm using trends outgoing server as smarthost which would have correct ptr record, is this not correct?
0
shauncroucherCommented:
No, if you use a smarthost for outbound you don't need to worry about PTR/rDNS entries.

I would speak to trend about this issue, as you use them for inbound and outbound mail, and your domain looks fine, I'd speak to them about it.

Shaun
0
Corp_JonesAuthor Commented:
Hmm, it can't be trend though as our other smarthost (ISP) had exactly the same issue
0
giltjrCommented:
I'm a bit confused.  So just to make sure I understand.

The 550 message is coming from the recipient's SMTP server, right?

If it is coming from the recipient's SMTP server, does that SMTP server always reject your e-mail, or does it just do it sometimes?  



0
Corp_JonesAuthor Commented:
Its always rejected from certain peoples SMTP servers
0
giltjrCommented:
If possible I would try and contact at least one or two of them and see if they can tell you why they are rejecting you.  

Although I will say I still think the smarthost needs a PTR record that points back to your domain.

If their SMTP server does a reverse lookup on the smarthost's IP address it expects a response and that response should include your domain.
0
shauncroucherCommented:
That's not true giltjr - the PTR record does not need to relate to your email domain name whatsoever.

The PTR record is used to identify the internet host itself (server), it has nothing to do with the domain you use to send mail.

I would be tempted to check the email header and just double check that mail is coming from the smarthost IP and not your own.

See my general article on DNS requirements and SMTP: http://exchangeshell.wordpress.com/2010/03/12/exchange-send-connector-ehlo-and-dns-data-rdns-ptr-mx-spf-txt-a-record

Shaun
0
giltjrCommented:
I have seen e-mail servers that will reject e-mail if the IP address does not have a PTR record pointing to domain the e-mail is coming from.

I have seen e-mail servers that will reject e-mail if the IP address does not have a PTR record that does not match the domain name on the HELO/EHLO command.

Although it should not be that way.  I have seen it.
0
shauncroucherCommented:
If a mail server is configured to reject mail because the PTR does not contain the email domain name it is badly misconfigured and it needs fixing.

Think about every 'hosted email solution' on earth (rackspace, google apps, microsoft online, smtpauth.com) - no mail could be sent from them at all because the hosting companies MTA wouldn't contain the customers domain. Also, no mail could be sent from any smarthost in the world as they don't contain the customers domain.

Basically, smarthosts and email hosting would be impossible if the receiving server rejected on this criteria.  

The PTR record SHOULD match the EHLO greeting, but it doesn't need to match the sending email domain in any way, same reasons as above.

Shaun
0
bevhostCommented:
I have a mail testing tool here which may help you.

http://tools.bevhost.com/spf
0
Corp_JonesAuthor Commented:
Was other end and not our server/domain, not sure what they did but it sorted out the issues.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Protocols

From novice to tech pro — start learning today.