Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 504
  • Last Modified:

dnsstuff.com displays one warning: One or more of your mailservers is claiming to be a host other than what it really is

WARNING: One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). If your mailserver sends out E-mail using this domain in its EHLO or HELO, your E-mail might get blocked by anti-spam software. This is also a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server. Note that this one test may use a cached DNS record.

I host the following domains on an Exchange 2003 server:

mail.domain1.com
mail.domain2.com
mail.domain3.com

As best I understand, A, MX, SPF, and PTR records are all entered and formed properly.
All of these domains are hosted on 69.67.xxx.xxx for their web sites (third party) and on 67.238.xxx.xxx for the email.  That is local to my location here.

Each domain has an @ for 69.67.xxx.xxx and an A record of "mail" poiinting to 67.238.xxx.xxx and a CNAME record of "www" pointing to  69.67.xxx.xxx and an MX pointing to mail.DOMAINNAME.com

Each domain has the same Warning on dnsstuff.com:

WARNING: One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). If your mailserver sends out E-mail using this domain in its EHLO or HELO, your E-mail might get blocked by anti-spam software. This is also a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server. Note that this one test may use a cached DNS record.

mail.DOMAINNAME.com claims to be non-existent host sms.domain1.local: <br /> 220 sms.domain1.local ESMTP Symantec Mail Security <br />

sms.domain1.local is the Symantec Spam Filter between my edge router and my Microsoft Exchange environment.

Is the fix just a matter of entereing an A record for the sms.domain1.local name?
0
hooterscasinohotel
Asked:
hooterscasinohotel
  • 10
  • 8
  • 3
  • +1
4 Solutions
 
Alan HardistyCo-OwnerCommented:
Your server should be named as a Fully Qualified Domain Name e.g. mail.yourdomain.com
If it isn't then you will have problems with mail-flow.
You should also have Reverse DNS setup to match the FQDN of your mail server and the FQDN should resolve in DNS to the IP Address that you are sending your emails from.
In Exchange 2003, open up the Properties on the SMTP Virtual Server, Click on the Delivery Tab, Click the Advanced Button, then change the FQDN there.
0
 
Tony JLead Technical ArchitectCommented:
If I've read this correctly it's the response to EHLO that is failing.

If you're running Exchange 2007 or 2010 I would create a seperate receive connector for each domain and change it's response to EHLO to match its domain.

I would recommend adding network cards, but you could add IP addresses and bind them to each connector.

0
 
Alan HardistyCo-OwnerCommented:
Sorry - missed the bit about the Symantec Box.
Does your Yellow box send out mail, or just receive it?
If it sends, then you need to change the FQDN - if not, then it can be ignored as dnsstuff is reporting on the wrong setting.  But do check the location I posted earlier and make sure that is set correctly.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
sunnyc7Commented:
Go to www.mxtoolbox.com
click SMTP diagnostics.

enter all the 3 domains and see if you have a Reverse DNS doesnt match banner

post back results please.

thanks
0
 
hooterscasinohotelAuthor Commented:
I do:


220 sms.domain1.local ESMTP Symantec Mail Security


Not an open relay.
0 seconds - Good on Connection time
0.608 seconds - Good on Transaction time
OK - 67.238.xxx.xxx resolves to mail.domain3.com
Warning - Reverse DNS does not match SMTP Banner

0
 
sunnyc7Commented:
check this guide on how to fix it.
http://www.amset.info/exchange/dnsconfig.asp

also you will have to call your ISP and ask them to set a PTR record for

mail.domain1.com
mail.domain2.com
mail.domain3.com

pointing to the same IP address - 67.238.xxx.xxx (public IP of your firewall)
0
 
Alan HardistyCo-OwnerCommented:
Is your last response a reply to my comment? Can't be sure.

If you are sending all mail out via your Symantec device, you need to reconfigure the Symantec device's name to mail.oneofyourdomains.com not sms.domain1.local

As you have Reverse DNs set to mail.domain3.com, change the Symantec device to this too and as long as mail.domain3.com resolves to your IP in DNS then you should be fine.
0
 
hooterscasinohotelAuthor Commented:
I did change the hostname of the SMS device as it was set to sms.domain1.local

0
 
Alan HardistyCo-OwnerCommented:
According to dnsstuff.com it still is set to sms.domain1.local. Please change it as recommended above.
0
 
Tony JLead Technical ArchitectCommented:
Sorry - I missed the bit about the Symantec mail filter too!
0
 
hooterscasinohotelAuthor Commented:
Guys thank you for the guidance to the   Reverse DNS doesnt match banner   test.  I was able to navigate my offending device that was delivering the invalid information on the SMTP greeting.

I have re run this test and this now is functional.
0
 
Alan HardistyCo-OwnerCommented:
You have a different greeting now and the report is clean.

Your MX record for domain1 is set to priority 0, which is not recommended as some servers have issues with 0 priority MX records. Please set it to anything other than 0.
0
 
Alan HardistyCo-OwnerCommented:
That's the cleanest dnsstuff domain report I have seen in a long time.  Well done.
0
 
hooterscasinohotelAuthor Commented:
THanks Alan, I was pretty stoked too.....

I will change the priorities to 10
0
 
Tony JLead Technical ArchitectCommented:
So are you going to share some points out? ;)
0
 
Alan HardistyCo-OwnerCommented:
Would you like me to obscure your domain names now?
No point keeping them in the question to attract unwanted attention, unless you want it that way ; )
0
 
hooterscasinohotelAuthor Commented:
Not sure I follow?
0
 
sunnyc7Commented:
Change your domain name to something generic like
Mydomain.com
0
 
Alan HardistyCo-OwnerCommented:
Thanks Sunny : )
0
 
Alan HardistyCo-OwnerCommented:
I am a Zone Advisor and have special powers.  One of those powers can be used to amend posts to obscure / hide / disguise IP Addresses / domain names to protect your domain name / IP's from unwanted attention (hackers / nasty people with computers who have too much time on their hands).
0
 
hooterscasinohotelAuthor Commented:
Yes please do so!!
0
 
hooterscasinohotelAuthor Commented:
ANd thank you!!
0
 
hooterscasinohotelAuthor Commented:
Thank you Alan!!
0
 
Alan HardistyCo-OwnerCommented:
You are very welcome.  All part of the service : )
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 10
  • 8
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now