• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4421
  • Last Modified:

address 550 Sender verify failed SMTP Error

Hi Guys

A User was getting the below bounceback sending to some servers:

This is the mail system at host out03.mx.trendmicro.eu.

"I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                   The mail system

<xx@xx.com>: host mail.xx.com[x.x.x.x] said:
    550-Verification failed for <my@exchangeserver.com>
550-Unrouteable
    address 550 Sender verify failed (in reply to RCPT TO command) "

I initially thought it was a misconfigured SMTP smarthost so I Switched them over to Trend Micro hosted spam filtering (which includes outbound filtering via a smarthost) but they still get the same bounceback.

The server is SBS 2003 (which uses Exchange 2003), exchange is configured to forward all outbound e-mail to a smarthost (trend) which works fine for the most part, the virtual SMTP server is restricted to talking to only Trends servers if thats relevent.

I'm guessing theres something wrong with their domain/DNS but i've never seen this error, any ideas what to look for?

Thanks
0
Corp_Jones
Asked:
Corp_Jones
  • 6
  • 4
  • 3
  • +5
6 Solutions
 
Jamie McKillopIT ManagerCommented:
Hello,

Verify that the there is an MX record for "exchangeserver.com" and that the address "my@exchangeserver.com" exists.

JJ
0
 
Corp_JonesAuthor Commented:
There is only one MX record which points to Trends servers (we need this that way so they filter the spam before sending it onto our server), the address definately exists.
0
 
shauncroucherCommented:
Do you have a SPF record for the domain? Does the SPF include the smarthost server for sending mail?

command prompt:

nslookup -q=txt example.com

Shaun
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
Corp_JonesAuthor Commented:
Thanks Shaun, tried that for the problem domain and I got:

"*** No text (TXT) records available for mydomain.com" so it looks like there is no SPF record
0
 
Cris HannaCommented:
it would be really helpful to know the actual sending domain.
Who hosts the public DNS for the sending domain?  I suspect that there is no reverse look up for the public IP assigned to the SBS server.
One of the best tools out there is mxtoolbox.com
you can verify whether or not ptr records exist.   If no ptr record is configured...this is usually done by the ISP providing the static IP
0
 
itgrooveCommented:
Hey there, I'm sure you want to keep your domain private, so as we can't evaluate the problem for you by checking/doing lookups, try this tool at least, with your various domain name information and see if it points out anything obvious for you or for the party you are trying to work with send from/to.
http://www.mxtoolbox.com/SuperTool.aspx 
0
 
Peter HartCommented:
do you have 2 DSL lines going into your place?  one client had DSL load balancing and they gave 2 IP address that screwed with the mail servers who then suspect them of spamming
to check disable the load balencing of DSL (if you have that)
0
 
Corp_JonesAuthor Commented:
Domain is    foxclublondon.com

my understanding was that ptr records are not needed when using a smarthost. In this case I'm using trends outgoing server as smarthost which would have correct ptr record, is this not correct?
0
 
shauncroucherCommented:
No, if you use a smarthost for outbound you don't need to worry about PTR/rDNS entries.

I would speak to trend about this issue, as you use them for inbound and outbound mail, and your domain looks fine, I'd speak to them about it.

Shaun
0
 
Corp_JonesAuthor Commented:
Hmm, it can't be trend though as our other smarthost (ISP) had exactly the same issue
0
 
giltjrCommented:
I'm a bit confused.  So just to make sure I understand.

The 550 message is coming from the recipient's SMTP server, right?

If it is coming from the recipient's SMTP server, does that SMTP server always reject your e-mail, or does it just do it sometimes?  



0
 
Corp_JonesAuthor Commented:
Its always rejected from certain peoples SMTP servers
0
 
giltjrCommented:
If possible I would try and contact at least one or two of them and see if they can tell you why they are rejecting you.  

Although I will say I still think the smarthost needs a PTR record that points back to your domain.

If their SMTP server does a reverse lookup on the smarthost's IP address it expects a response and that response should include your domain.
0
 
shauncroucherCommented:
That's not true giltjr - the PTR record does not need to relate to your email domain name whatsoever.

The PTR record is used to identify the internet host itself (server), it has nothing to do with the domain you use to send mail.

I would be tempted to check the email header and just double check that mail is coming from the smarthost IP and not your own.

See my general article on DNS requirements and SMTP: http://exchangeshell.wordpress.com/2010/03/12/exchange-send-connector-ehlo-and-dns-data-rdns-ptr-mx-spf-txt-a-record

Shaun
0
 
giltjrCommented:
I have seen e-mail servers that will reject e-mail if the IP address does not have a PTR record pointing to domain the e-mail is coming from.

I have seen e-mail servers that will reject e-mail if the IP address does not have a PTR record that does not match the domain name on the HELO/EHLO command.

Although it should not be that way.  I have seen it.
0
 
shauncroucherCommented:
If a mail server is configured to reject mail because the PTR does not contain the email domain name it is badly misconfigured and it needs fixing.

Think about every 'hosted email solution' on earth (rackspace, google apps, microsoft online, smtpauth.com) - no mail could be sent from them at all because the hosting companies MTA wouldn't contain the customers domain. Also, no mail could be sent from any smarthost in the world as they don't contain the customers domain.

Basically, smarthosts and email hosting would be impossible if the receiving server rejected on this criteria.  

The PTR record SHOULD match the EHLO greeting, but it doesn't need to match the sending email domain in any way, same reasons as above.

Shaun
0
 
bevhostCommented:
I have a mail testing tool here which may help you.

http://tools.bevhost.com/spf
0
 
Corp_JonesAuthor Commented:
Was other end and not our server/domain, not sure what they did but it sorted out the issues.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

  • 6
  • 4
  • 3
  • +5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now