Changed Static IP Address - now mail is being bounced back

One of my clients moved premises this last weekend.
They run a simple SBS 2003 server with a 15 user network.
Everything was moved over successfully.  The only real change we had to make was our static IP address, as we were moving to a different ADSL line and changing our ISP.
Since the move though, a couple of users have reported email being bounced back from addresses they could email OK in the old location.  There are several bounce message variants, but the one that gives the most information is as follows;
The following recipient(s) could not be reached:

Horn, Simone on 19/10/2010 13:59

There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.

<ourdomain.co.uk #5.5.0 smtp;550 No RDNS entry for xx.xx.xx.xx>

where the x's indicate our new static IP address.
I've looked up this error message and the universal answer is to contact the ISP and get the MX records changed for the domain to reflect the reverse DNS lookup.
However, in this case I'm a bit confused, as to my knowledge, our server has never physically been linked with our email domain in this way.  When somebody sends an email out from the organization, it is sent out through our server.  To receive email, we have set up POP3 mailboxes on the domain which our server polls, then collects and distributes to Exchange.  I know the POP3 method isn't ideal, but any idea how to sort out the email bouncing first?
Many thanks
Alex
alexh75Director, Websters Ltd.Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rob WilliamsCommented:
If you are sending out e-mail the recipient will do some spam filtering checks. Some but not all spam filtering will check to verify the reverse DNS record is correct. If not, it will bounce the e-mail.

I assume you updates your external MX records to reflect the new IP (assuming you are not using the POP connector). The Reverse DNS has to be set up with your ISP, you cannot do that.

You can test your Reverse DNS record by going to http://www.mxtoolbox.com , enter your domain, and choose look up, then in the resulting page choose SMTP.
avilovCommented:
you need to update your MX record for your domain with a new IP address. That will fix that problem

these emeil servers check if your IP address is resolving to your email host name. looks like that is not working yet and they reject connection, assuming that that is spoofing
alexh75Director, Websters Ltd.Author Commented:
Thanks, but that's precisely why I'm confused.  I haven't changed any MX records at any time (didn't do it whilst using the last static IP and that always worked ok).  We are using the POP connector as the domain is hosted using a separate provider.  They receive the email in POP mailboxes and then our SBS polls these mailboxes.
Why Diversity in Tech Matters

Kesha Williams, certified professional and software developer, explores the imbalance of diversity in the world of technology -- especially when it comes to hiring women. She showcases ways she's making a difference through the Colors of STEM program.

avilovCommented:
the fact that error message shows your new IP tells that you have SMTP server running inside your network. and that users that have delivery problems use that server as their default outgoing SMTP server.

there are not enough details about email routing, I'd check if your SMTP server is set correctly, it probaly need to relay all outgoing emails thru your email provider
Rob WilliamsCommented:
As mentioned if using the POP connector you do not need MX records to send or receive e-mail, but reverse DNS checks will fail.
It is also possible the IP you were assigned has been blacklisted by some Spam services. that too can be checked with www.mxtoolbox.com

Is your IP actually static, or is it a "sticky" IP, DHCP but always assigned the same IP. Some mail receivers block e-mail that comes from a range of IP's that are considered as DHCP. AT&T and Barracuda are notorious for this.
davorinCommented:
Look at RobWill's comment.
You have your mailboxes hosted at an external mail server and MX record for your domain is pointed  to it (POP3 connector).
While changing your static IP address of your network for part of receiving mails has nothing changed.
While sending mails the receiving servers checks rDNS settings of your (new) internet connection. The old rDNS settings replayed "here is the mail server of your domain" (e.g mail.yourdomain.com, which is the same name as it is specified in you MX records). The new one replies "here is your new domain router named xy". The receiving server doesn't like the answer, because it is expecting your mail from rDNS mail.yourdomain.com so rejects the mail. All you have to do is to ask your new internet provider to set at your new internet link rDNS setting that is the same as your MX record - mail.yourdomain.com.

Nathan-B2BCommented:
if the domain is being hosted by a seperate provider as you stated previously, then you need to setup your exchange server to forward all email to your ISP mail server and it will relay from there, as your exchange server is not authoritive for the domain.

Re-run the Internet Connection Wizard and in the email options, rather than the "use DNS to deliver email" option, select the "forward all email to host" option.
alexh75Director, Websters Ltd.Author Commented:
Hi guys

Thanks for your continued help.
davorin: Have looked at the MX record and it's not specifically mail.mydomain.com, it looks like some 3rd party domain provided by my host.  
nathan: I got the IP address for my mail server and tried to set up the relay but when I tested the outgoing mail, it just sat in a queue.  as soon as I reverted back to the original settings the mail went out.
robwill: I have been assured by the ISP that the IP is a true static IP and I have checked it is not blacklisted.
To be honest, after doing a bit of reading, would the best solution be to bite the bullet, ditch the POP connector altogether and let our server do all the sending and receiving rather than relying on other services?  That would presumably solve this problem and would be a tidier solution going forward.  As we're coming up to a weekend it would also be a good time to try and make the changes?  
Further help appreciated.
Thanks
Alex
Rob WilliamsCommented:
The POP connector is never the best solution. It is intended to be used while transitioning from POP to SMTP, however there is nothing wrong with using it, some folks do forever, and it has absolutely nothing to do with your problem.

If it has not been done already, your best bet is to use a "smart host" as Nathan-B2B suggested.I don't think you quite understood. SBS has 2 ways of sending mail, directly using DNS, or relaying (using a smarthost) through your ISP. In the first scenario the recipient sees the mail as coming from your server, in the second from the ISP. SBS 2008 uses the smarthost by default as it eliminates (most often) the problem you are having. With SBS to do so you need to re-run the CEICW (Server Management console | internet and e-mail | connect to the internet). Within the wizard choose to change the Exchange config, and choose to "use your ISP to send mail". In that box put their SMTP server name  smtp.MYISP.com
davorinCommented:
"Have looked at the MX record and it's not specifically mail.mydomain.com, it looks like some 3rd party domain provided by my host."

That is not the problem. That is quite normal configuration when mail service provider hosts multiple domains on single server.
davorinCommented:
If you will use smart host is up to you. If you will use it, your ISP provider will have to care not getting blacklisted, but troubleshooting mail flow will be a little more difficult. I prefer to be in control.
Anyway, preparing your server and internet connection for sending mail directly from your server is not bad idea. If you ISP SMTP mail servers will be down or blacklisted, you can simply change your server settings to send mail directly using DNS and you won't care about your ISP problems.

If you use the same website that RobWill mentioned ( http://www.mxtoolbox.com/diagnostic.aspx ) just enter your new static IP and check the results. In the first line behind number 220 you will see your mail server name specified in server's SMTP header. The rDNS setting have to be set with this FQDN name.
Sorry about mentioning so many time MX record. When you have only one MX record and you don't use POP3 connector all three values (MX record, SMTP header and rDNS) are the same. Mail servers actually checks if rDNS and SMTP header are the same. There exist exceptions, but I won't write about that right now.
Nathan-B2BCommented:
Yes, moving from the pop connector setup to hosting your own email would be the best step forward.

It would involve you asking your domain host to update the MX record to point to your static IP address where the sbs boxes resides.

However, also ensure your ISP updates their rDNS settings so that it also points to the static IP address.

For example, say your static IP address is currently 222.111.111.222 at the location where the office is.

Your domain host will need to -

1. Add an A record of smtp.mydomain.com that points to 222.111.111.222
2. Update MX record so that it points to smtp.mydomain.com (ie MX 5 mydomain.com points to smtp.mydomain.com)

Your ISP will need to -

1.  update your rDNS so that 222.111.111.222 points to smtp.mydomain.com.

Once all the above has been done, re-run the internet connection wizard on the SBS box and ensure you untick the POP connector and change the email routing option to the first option (route outgoing email via DNS).

Then, the final step to check that your ISP and domain host have done there part is -

1.  Open up a command prompt from any machine connected to the internet.
2.  Type ping smtp.mydomain.com (it should return - pinging smtp.mydomain.com [222.111.111.222] with 32 bytes of data.  If it says that, you are good to go - doesn't matter if you actually get a reply or timeout message.  This just proves that the A record has been setup correctly by your domain host).
3.  Type ping -a 222.111.111.222.  You should see the same result as in #2.  This proves that rDNS has been setup correctly and your ISP has done their job correctly.

Hope this helps.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Rob WilliamsCommented:
Though I agree the POP connector is not the most efficient solution, it is not the source of the problem. The POP connector 'pulls' the mail, your problem is sending.
avilovCommented:
yep. the problem is with SMTP server. you either change your MX record, or configure relay thru email provider where your MX points now
davorinCommented:
@Avilov:
I must correct you - He must correct not MX record, but reverse DNS record or use ISP provider (or maybe mail host provider) mail server for smart host.
alexh75Director, Websters Ltd.Author Commented:
OK thanks for all the advice guys.  
I was never under the illusion that the POP connector had anything to do with the problem  It's just that this is the way that the server has been set up, and I know that if we did go down the route of hosting our own email, we would have to dispense with it.  Whilst the smarthost is a good idea as well, I would prefer as a long term view to host our own email, so I'm looking at Nathan's walkthrough.
Domain Host Requirements - I can login to the control panel here and make the changes myself.
"A" record, there is an SMTP label here already that presumably points to my host's generic mailserver IP address, so just change this.
"MX" record, yes I can change that too.
ISP requirements
Here's the weak point, I need to rely on the ISP doing this over the weekend.  What would happen on Monday if they hadn't done it?
I can run the IECW myself obviously :-)
Cheers
Alex
DPASLTDCommented:
I have not read all the detail so forgive me if I have missed some vital detail’s, I had a similar problem some years back. We host our own SMTP server, host the domain with a 3rd party and have ADSL with demon.

Even though your MX records points to your IP with your ADSL provider this does not mean a reverse DNS will succeed. What you need to do is get your ISP to create a dns record for your SMTP FQDN on their servers to point to your external IP, gateway.

This resolved all my problem of mail be bounced back on reverse DNS
Rob WilliamsCommented:
>>"Whilst the smarthost is a good idea as well, I would prefer as a long term view to host our own email"
I don't think you understand what a smarthost is. With a smart host you still host your own e-mail. Nothing changes in that respect. It is just forwarded through your ISP's SMTP server. The advantage of this is the recipient sees it (if they look in the headers) the mail as coming from the ISP and not from your server. This usually eliminates problems with recipients blocking your e-mail. SBS 2003 and SBS 2008 both have the option of using DNS (send direct) or using a smarthost (relaying) e-mail. SBS 2003 by default uses DNS, SBS 2008 by default uses SmartHosts. Microsoft choose to switch the default to smarthosts as DNS has become more and more of a problem for small companies to manage, and it has resolved the problems for most folk having issues such as yours in the past. Basically there is less chance of your ISP being blocked than you.

Again back to the POP connector. Not changing the point that this has nothing to do with your problem, but just a comment: The only issue with the POP connector is it has to connect to the Mail host for each recipient, check for mail, and download it. Unless you hack the registry this cannot happen more frequently than every 15 minutes. Users do not like waiting 15 minutes for their e-mail. It gets worse. If you start having more and more users, more and more e-mail, or larger attachments the cycle will not finish in 15 minutes and it causes problems so you have to extend that time period. I have seen it set to more than one hour in an office with 40 people. Using SMTP to receive e-mail is just more efficient and eliminates the delays. Again, no need switch from using it, but just thought I would point out why it is not usually the preferred option. On the plus side when using the POP connector with most hosts, if the server goes down you can access the new mail using their web mail.
alexh75Director, Websters Ltd.Author Commented:
Hi Rob
Despite what it may appear, I have used smarthosts on a couple of occasions, and do understand that the email is going out through the ISP's SMTP server.  My choice of wording was a bit clumsy, and I apologize if it caused confusion.  When I said hosting our email, I effectively meant that we would have overall control over it for sending and receiving, rather than relying on sending through our ISP's SMTP server.
Also appreciate what you're saying about POP connector, especially about the 15 mins issue.  I've got around that in the past by using a piece of software called "PopGrabber" which is pretty decent.
Decisions decisions! :-)
Thanks
Alex
Rob WilliamsCommented:
If you are not going to use a SmartHost then nowadays as a minimum you have to set up reverse DNS with your ISP, otherwise a small, but growing, percentage of e-mail will be blocked for sure.
Nathan-B2BCommented:
"Here's the weak point, I need to rely on the ISP doing this over the weekend.  What would happen on Monday if they hadn't done it?"

Some email servers check that the rDNS resolves correctly and if it doesn't, will drop the connection.

So ultimately, if your ISP does NOT update the rDNS on your connection, some outgoing emails will be dropped by recipient email servers that are setup to check a rDNS record.

This will only affect outgoing email, not incoming.

Good luck.
alexh75Director, Websters Ltd.Author Commented:
Thanks for all the help.
I actually decided, at least in the short term, to use a commercial smart host.  Have been given a months free trial so we'll see how it goes.  Looking good so far!
Cheers
Alex
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.