Solved

The error that the other server returned was: 554 554 No relaying allowed - psmtp (state 14).

Posted on 2011-02-28
37
1,801 Views
Last Modified: 2013-11-30
I Just got hired to work for a small business and they are having problems receiving emails.  The problem started over the weekend while no one was here.

We can send and receive internal email, and send external email.  What we cannot do is receive external email.  

when I tried sending a test email from my hotmail i got the following:

This is an automatically generated Delivery Status Notification.
 
Delivery to the following recipients failed.

-------

when I tried from my gmail to my company email i got :

Delivery to the following recipient failed permanently:

    myname@companyx.com

Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 554 554 No relaying allowed - psmtp (state 14).

------

how do i fix this?
0
Comment
Question by:cpet11
  • 16
  • 9
  • 7
  • +1
37 Comments
 
LVL 7

Expert Comment

by:ncheung
ID: 34999151
First check your smtp domain's MX record to determine what it is pointing to.  Once you have the IP address or server name it is point to.
Check what that server is and if it is allowing external sources to send email to it.  Without know what system is designated to receive emails from the Internet, it is hard to advise you further.


One thing to note is not to blindly allow open relay on your publicly accessible email server.  You'd be doing yourself and any email administrator a favor.
0
 

Author Comment

by:cpet11
ID: 34999320
how would i check the mx records in exchange 2003?
0
 
LVL 11

Expert Comment

by:MichaelVH
ID: 34999965
MX records are part of your public dns; they are not a feature in Exchange 2003.

I advice you to use http://www.mxtoolbox.com/ to check your MX-records. This record will show you what the IP-address is of your mail-server (or the point of entry which could be a anti-spam appliance or other). You'll probably find the reason for your problems there.

Kind regards,

Michael
0
 

Author Comment

by:cpet11
ID: 35000009
looks like they are pointing to postini but none of the log in information the previous IT admin left is working
0
 

Author Comment

by:cpet11
ID: 35000026
OK - 64.18.6.14 resolves to s7a1.psmtp.com
 Warning - Reverse DNS does not match SMTP Banner
 0 seconds - Good on Connection time
Not an open relay.
 0.237 seconds - Good on Transaction time

Session Transcript:
HELO please-read-policy.mxtoolbox.com
250 Postini says hello back [38 ms]
MAIL FROM: <supertool@mxtoolbox.com>
250 Ok [38 ms]
RCPT TO: <test@example.com>
451 Can't connect to example.com - psmtp [42 ms]
0
 
LVL 11

Expert Comment

by:MichaelVH
ID: 35000162
Well,

that leaves you with 2 issues:

1. you definitely need that login for postini
2. your rdns entry isn't correct (check: http://www.google.com/support/appsecurity/bin/answer.py?hl=en&answer=138599)

Grts,

Michael
0
 

Author Comment

by:cpet11
ID: 35000249
I found the login info for postini but its not working, our ISP told me our domain hasnt been registered since 2008.  if thats the case how has this been working for the past 3 years?
0
 
LVL 7

Expert Comment

by:ncheung
ID: 35000305
I'm not sure if you are using the query tool correctly.  From what I see based on your information.  All your public emails are pointing to
> s7a1.psmtp.com
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

psmtp.com
        primary name server = ns1.ns.postini.com
        responsible mail addr = postini-hostmaster.google.com

Are you on purpose sending all your public emails to google.com?
0
 

Author Comment

by:cpet11
ID: 35000361
I dont know how things are set up here, this company has been without an IT admin for about 6 months.
I am getting mixed messages from the users but it sounds like postini was being used for a SPAM filter.  our services may have expires with them but I cant get ahold of a human to talk to on the phone
0
 

Author Comment

by:cpet11
ID: 35000374
mx:mydomain.com                mx  

Pref      Hostname      IP Address      TTL            
10      mydomain.com.s7a1.psmtp.com      64.18.xx.xx      60 min      SMTP Test      Blacklist Check
20      mydomain.com.s7a2.psmtp.com      64.18.xx.xx      60 min      SMTP Test      Blacklist Check
30      mydomain.com.s7b1.psmtp.com      64.18.xx.xx      60 min      SMTP Test      Blacklist Check
40      mydomain.com.s7b2.psmtp.com      64.18.xx.xx      60 min      SMTP Test      Blacklist Check
0
 
LVL 7

Expert Comment

by:ncheung
ID: 35000470
Okay looks like your public email traffic goes through a hosted premium spam filtering service.  As illustrated here by this website:
http://www.hosting.com/support/spamfiltering/mxrecord

You may want to have a chat with their support to see if they are still supporting your email domain.

They indeed use Postini. http://www.hosting.com/company/contact-us
0
 

Author Comment

by:cpet11
ID: 35000628
this company (hosting.com) says they do not have an account with our domain name
0
 
LVL 7

Expert Comment

by:ncheung
ID: 35001009
sorry I think I gave you bad information because I don't use postini.

Didn't realize google bought postini.  You may have to check with google services.
http://www.google.com/postini

You email is basically directing to them at the addresses you've already located.
Pref      Hostname      IP Address      TTL            
10      mydomain.com.s7a1.psmtp.com      64.18.xx.xx      60 min    
20      mydomain.com.s7a2.psmtp.com      64.18.xx.xx      60 min      
30      mydomain.com.s7b1.psmtp.com      64.18.xx.xx      60 min      
40      mydomain.com.s7b2.psmtp.com      64.18.xx.xx      60 min
     
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 35001079
Your server is able to directly receive mail from the world because I just telnetted into it.  Your FQDN on your SMTP Virtual Server is GREEN.internaldomain.local and should be changed to mail.domain.com

If you don't have a Postini account, change your MX records to point to mail.domain.com and then you will start to receive mail.  Make sure you have anti-Spam software installed to stop spam and if you don't have any, you might want to consider www.vamsoft.com as cheap, incredibly effective Anti-Spam software.
0
 

Author Comment

by:cpet11
ID: 35007090
last night I had our ISP change our MX records to point to mail.mydomain.com

 I dont know why things with postini just stopped working as I am still unable to contact them.

where in the exchange system manager do I change my FQDN?
0
 
LVL 11

Expert Comment

by:MichaelVH
ID: 35007121
You would need to go into the properties of the default smtp virtual server and change the FQDN there.
0
 
LVL 7

Expert Comment

by:ncheung
ID: 35007639
Just a reminder when updating the FQDN on your SMTP virtual server.  If you have more than one internal exchange server please make sure your updates are reflected on all of them.

http://msexchangeteam.com/archive/2005/02/25/380481.aspx
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:cpet11
ID: 35008247
can this be edited to exlude the IPs and domains ive posted?
0
 
LVL 7

Expert Comment

by:ncheung
ID: 35008482
You shouldn't need to exclude from an inbound perspective.  You would want the Internet to be able to send emails into your email systems. You just need to be worried about not to enable an open relay smtp server.

I'm confused by your last question about the exclusion.
0
 

Author Comment

by:cpet11
ID: 35010462
Can all examples ive posted like

You email is basically directing to them at the addresses you've already located.
Pref      Hostname      IP Address      TTL            
10      mydomain.com.s7a1.psmtp.com      64.18.xx.xx      60 min    

 be replaced with

Pref      Hostname      IP Address      TTL            
10      DOMAIN.com.s7a1.psmtp.com      64.18.xx.xx      60 min    

I want to take my companies name out of my posts
0
 
LVL 7

Expert Comment

by:ncheung
ID: 35011875
If you've already directed your MX record to
mail.yourdomain.com    internet address = 155.212.xxx.xxx

I'm not sure what the purpose of domain.com.s7a1.pmstp.com is for.  In theory, 155.212.xxx.xx should accept messages for your smtp domain and route the email accordingly internally.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35013033
>> where in the exchange system manager do I change my FQDN <<

In Exchange System Manager it is on the SMTP Virtual Server Properties> Delivery Tab> Advanced Button.  Change Green.internaldomain.local to mail.domain.com and that's al you have to do.

Then you should have inbound mail-flow and outbound mail-flow much happier.

Alan
0
 

Author Comment

by:cpet11
ID: 35013072
I am not positive but I assume domain.com.s7a1.pmstp.com was the companies SPAM filter provider.  after having the MX record edited by our ISP which also acts as our DNS service everything is working now and the problem is fixed.  I sadly will never know what happened in the first place as the documentation here leaves something to be desired.  the problem is fixed, thank you very much for your help.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35013089
pmstp is a Postini mail server - so it did look like you were using Postini - but with a lack of documentation - and lack of staff in the know, it makes it kind of difficult.

Glad that you are working and if I have missed any IP's / Domain Names, please let me know and I will obscure them for you.

Alan
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35013097
So was my comment http:#a35001079 not helpful in resolving your problems?
0
 

Author Comment

by:cpet11
ID: 35013115
:) everything looks good, thank you
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35013147
I am glad - but please can you answer my question.

Thanks

Alan
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35013277
I have raised a Request For Attention as I am objecting to the way this question has been closed.

Alan
0
 

Author Comment

by:cpet11
ID: 35013366
I thought i did when I clicked yes on it.  what is your objection?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35013385
My comment about you changing your MX records seems to be exactly what you have done to resolve the issue, yet you have chosen the first comment in the thread which doesn't mention changing your MX records, only checking them and seeing where they point.

I see that you are new to EE - so you may not know about closing down questions yet - the usual way is to award points to the comment or comments that helped you to resolve your problem and as far as I can see - the comment you have chosen doesn't help you at all - hence my objection.

Does that make sense?

Alan
0
 

Author Comment

by:cpet11
ID: 35013522
Yes it does, both comments mentioned the MX record, I chose the one at the top because it was the first one I saw and didn't really give closing the ticket a lot of thought.  Your comment was the right solution and more accurate as it came further in diagnosing the problem, I suppose I should have clicked on the choose multiple button. Sorry about that, I really found everyone's suggestions helpful.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35013622
You can choose multiple comments as the answer to your question - but you should only include the comments that actually help you in solving the problem.  Whilst all comments might be helpful - a question can get elongated with comments that don't actually help and then selecting the wheat from the chaff can be tricky.

You mentioned that changing the MX records to point directly to your server was what solved your problem and as far as I can see, I was the first / only one to mention that as an option.  The initial comment (current accepted solution) only mentions to look at where the MX records point to and as you discovered - that is Postini - yet you have discovered that you don't have a working account with Postini (that you can find), so knowing where your mail is pointing is helpful, but not getting you anywhere.

As soon as I mentioned that you can change your MX records to point directly to your own server - your next comment was that you have changed them and that has resolved your problem, so this is why I have raised an objection.  It was my comment that lead you to change your MX record to point to your own server and ultimately got your mail flowing again, so I feel that I should at least be included in the 'solution', either as the Answer to the question with an assist to other helpful comments or as an assisted comment.
0
 

Author Comment

by:cpet11
ID: 35013966
i dont know how to do that
0
 

Author Comment

by:cpet11
ID: 35013970
when you you explain it like that your right but i dont have the option of changing it
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35015069
A moderator will be able to re-open the question and that will enable you to close the question down differently.

Thanks

Alan
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now