hooterscasinohotel
asked on
dnsstuff.com displays one warning: One or more of your mailservers is claiming to be a host other than what it really is
WARNING: One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). If your mailserver sends out E-mail using this domain in its EHLO or HELO, your E-mail might get blocked by anti-spam software. This is also a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server. Note that this one test may use a cached DNS record.
I host the following domains on an Exchange 2003 server:
mail.domain1.com
mail.domain2.com
mail.domain3.com
As best I understand, A, MX, SPF, and PTR records are all entered and formed properly.
All of these domains are hosted on 69.67.xxx.xxx for their web sites (third party) and on 67.238.xxx.xxx for the email. That is local to my location here.
Each domain has an @ for 69.67.xxx.xxx and an A record of "mail" poiinting to 67.238.xxx.xxx and a CNAME record of "www" pointing to 69.67.xxx.xxx and an MX pointing to mail.DOMAINNAME.com
Each domain has the same Warning on dnsstuff.com:
WARNING: One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). If your mailserver sends out E-mail using this domain in its EHLO or HELO, your E-mail might get blocked by anti-spam software. This is also a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server. Note that this one test may use a cached DNS record.
mail.DOMAINNAME.com claims to be non-existent host sms.domain1.local: <br /> 220 sms.domain1.local ESMTP Symantec Mail Security <br />
sms.domain1.local is the Symantec Spam Filter between my edge router and my Microsoft Exchange environment.
Is the fix just a matter of entereing an A record for the sms.domain1.local name?
I host the following domains on an Exchange 2003 server:
mail.domain1.com
mail.domain2.com
mail.domain3.com
As best I understand, A, MX, SPF, and PTR records are all entered and formed properly.
All of these domains are hosted on 69.67.xxx.xxx for their web sites (third party) and on 67.238.xxx.xxx for the email. That is local to my location here.
Each domain has an @ for 69.67.xxx.xxx and an A record of "mail" poiinting to 67.238.xxx.xxx and a CNAME record of "www" pointing to 69.67.xxx.xxx and an MX pointing to mail.DOMAINNAME.com
Each domain has the same Warning on dnsstuff.com:
WARNING: One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). If your mailserver sends out E-mail using this domain in its EHLO or HELO, your E-mail might get blocked by anti-spam software. This is also a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server. Note that this one test may use a cached DNS record.
mail.DOMAINNAME.com claims to be non-existent host sms.domain1.local: <br /> 220 sms.domain1.local ESMTP Symantec Mail Security <br />
sms.domain1.local is the Symantec Spam Filter between my edge router and my Microsoft Exchange environment.
Is the fix just a matter of entereing an A record for the sms.domain1.local name?
If I've read this correctly it's the response to EHLO that is failing.
If you're running Exchange 2007 or 2010 I would create a seperate receive connector for each domain and change it's response to EHLO to match its domain.
I would recommend adding network cards, but you could add IP addresses and bind them to each connector.
If you're running Exchange 2007 or 2010 I would create a seperate receive connector for each domain and change it's response to EHLO to match its domain.
I would recommend adding network cards, but you could add IP addresses and bind them to each connector.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I do:
220 sms.domain1.local ESMTP Symantec Mail Security
Not an open relay.
0 seconds - Good on Connection time
0.608 seconds - Good on Transaction time
OK - 67.238.xxx.xxx resolves to mail.domain3.com
Warning - Reverse DNS does not match SMTP Banner
220 sms.domain1.local ESMTP Symantec Mail Security
Not an open relay.
0 seconds - Good on Connection time
0.608 seconds - Good on Transaction time
OK - 67.238.xxx.xxx resolves to mail.domain3.com
Warning - Reverse DNS does not match SMTP Banner
check this guide on how to fix it.
http://www.amset.info/exch
also you will have to call your ISP and ask them to set a PTR record for
mail.domain1.com
mail.domain2.com
mail.domain3.com
pointing to the same IP address - 67.238.xxx.xxx (public IP of your firewall)
http://www.amset.info/exch
also you will have to call your ISP and ask them to set a PTR record for
mail.domain1.com
mail.domain2.com
mail.domain3.com
pointing to the same IP address - 67.238.xxx.xxx (public IP of your firewall)
Is your last response a reply to my comment? Can't be sure.
If you are sending all mail out via your Symantec device, you need to reconfigure the Symantec device's name to mail.oneofyourdomains.com not sms.domain1.local
As you have Reverse DNs set to mail.domain3.com, change the Symantec device to this too and as long as mail.domain3.com resolves to your IP in DNS then you should be fine.
If you are sending all mail out via your Symantec device, you need to reconfigure the Symantec device's name to mail.oneofyourdomains.com not sms.domain1.local
As you have Reverse DNs set to mail.domain3.com, change the Symantec device to this too and as long as mail.domain3.com resolves to your IP in DNS then you should be fine.
ASKER
I did change the hostname of the SMS device as it was set to sms.domain1.local
According to dnsstuff.com it still is set to sms.domain1.local. Please change it as recommended above.
Sorry - I missed the bit about the Symantec mail filter too!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
That's the cleanest dnsstuff domain report I have seen in a long time. Well done.
ASKER
THanks Alan, I was pretty stoked too.....
I will change the priorities to 10
I will change the priorities to 10
So are you going to share some points out? ;)
Would you like me to obscure your domain names now?
No point keeping them in the question to attract unwanted attention, unless you want it that way ; )
No point keeping them in the question to attract unwanted attention, unless you want it that way ; )
ASKER
Not sure I follow?
Change your domain name to something generic like
Mydomain.com
Mydomain.com
Thanks Sunny : )
I am a Zone Advisor and have special powers. One of those powers can be used to amend posts to obscure / hide / disguise IP Addresses / domain names to protect your domain name / IP's from unwanted attention (hackers / nasty people with computers who have too much time on their hands).
ASKER
Yes please do so!!
ASKER
ANd thank you!!
ASKER
Thank you Alan!!
You are very welcome. All part of the service : )
If it isn't then you will have problems with mail-flow.
You should also have Reverse DNS setup to match the FQDN of your mail server and the FQDN should resolve in DNS to the IP Address that you are sending your emails from.
In Exchange 2003, open up the Properties on the SMTP Virtual Server, Click on the Delivery Tab, Click the Advanced Button, then change the FQDN there.