Solved

Inbound Email ROUTING problem with Recepient staus 550.5.1.1 RESOLVER.ADR.RecipientNtFound in newly Exchange 2007 installed in split zone

Posted on 2011-03-15
25
3,803 Views
Last Modified: 2012-05-11

I have completed the installation os a 2008 domain controller, a Win 2008 webserver, and an Exchange 2007 server on separate servers.
I used ABC.LOCAL as local DNS (Zone), then installed Exchange 2007 server, then added a 2nd zone as ABC.NET (My registered domain with Godaddy.com), I modified the Default Reciever to allow anonymous senders.
Inbound emails pass the RECIEVE status for the address USER@ABC.NET, then I see it in the next line (after I run Message Tracking Results) the ROUNTING staus is FAIL with the following status:  " 550.5.1.1 RESOLVER.ADR.RecipientNotFound"
I also have problems with outbound emails too, but I think if I get inbound Relay to work the other one will be ok or at least much easier. Whatever is causing the problem should be coming from the split (Internal and external) zones.
I checked and searched the web for a solution for more than 10 hours and still facing the same problem.

I appreciate any help in this matter very much.

Jay
0
Comment
Question by:Jay555
  • 13
  • 12
25 Comments
 
LVL 12

Expert Comment

by:Navdeep
ID: 35146083
Hi,

have you created accepted domain by the name of abc.net and is this address stamped to the user's mailbox
0
 

Author Comment

by:Jay555
ID: 35147090
I did create accepted domain named ABC.NET, but I don't know to stamp it to user's address.
Could you please explain to me how to do it?

Thanks

Jay
0
 
LVL 12

Accepted Solution

by:
Navdeep earned 500 total points
ID: 35147142
This would be an automatic process unless exchange is broken somewhere.

Go to EMC > Receipients > Go to properties of the mailbox and check if you have the user with correct email address to it.

if it's not there then manually add the email address and first test internal mailflow. Try to send email to that address

post back your results
0
 

Author Comment

by:Jay555
ID: 35147364

Thank you so much for your help.

As soon as I sent you my comment with regards to Stamping, I went to EMC and modified the Default policy under Organization/HubTransport as the following:
%m@ABC.NET
@ABC.LOCAL

I tested it by sending an email from Gmail it worked. The only problem remains is outbound email. I tried to reply back to my gmail account, I DO NOT SEE THE REPLY IN MY GMAIL.
I should mention that I am using a DYNAMIC PUBLIC IP. I heard from MXTOOLBOX that almost all of Dynamic Public IPs are listed as RPBL.

Thanks

Jay
0
 

Author Comment

by:Jay555
ID: 35147512

Here is the result of MXToolBox:

ABC.NET is blacklisted as SPAMRBL.

HELO please-read-policy.mxtoolbox.com
250 Win2008EXCH.ABC.local Hello [64.20.227.133] [62 ms]
MAIL FROM: <supertool@mxtoolbox.com>
250 2.1.0 Sender OK [62 ms]
RCPT TO: <test@example.com>
550 5.7.1 Unable to relay [5054 ms]
QUIT
221 2.0.0 Service closing transmission channel [62 ms]
0
 
LVL 12

Expert Comment

by:Navdeep
ID: 35147536
Hi,

.net and .local domains will not be resolvable on the internet. you need something like .com and also emails from dynamic ip will be rejected as spam.
0
 

Author Comment

by:Jay555
ID: 35147613

I think I had comcast.net email account a few years ago for my personal email service.
To my limitted knowledge .NET is not at the same category with .LOCAL
I have my domian registered as lets say "ABC.NET" and "ABC.COM": is not available.
0
 
LVL 12

Expert Comment

by:Navdeep
ID: 35147630
sorry, yes .net will work but not .local however still you need static public ip address
0
 
LVL 12

Expert Comment

by:Navdeep
ID: 35147641
Also do you see any failure delivery when you send an email to gmail/hotmail/yahoo
0
 

Author Comment

by:Jay555
ID: 35147656

No I do not see any failure message
0
 
LVL 12

Expert Comment

by:Navdeep
ID: 35147673
can you do telnet to gmail mx record

telnet gmailMxRecord 25
then type ehlo and hit enter

what do you  see as a banner there
0
 

Author Comment

by:Jay555
ID: 35147886

I just got back the following delivery failure message.

Delivery has failed to these recipients or distribution lists:

jay@gmail.com
The recipient's e-mail system isn't accepting messages now. Microsoft Exchange will not try to redeliver this message for you. Please try resending this message later, or provide the following diagnostic text to your system administrator.
--------------------------------------------------------------------------------
Sent by Microsoft Exchange Server 2007

Diagnostic information for administrators:

Generating server: WIN2008EXCH.ABC.local

Jay@gmail.com
#550 4.3.2 QUEUE.Admin; message deleted by administrative action ##

Original message headers:

Received: from WIN2008EXCH.ABC.local ([::1]) by
 WIN2008Exch.ABC.local ([::1]) with mapi; Wed, 16 Mar 2011 09:31:33
 -0400
From: Jay Lotfi <Jay@ABC.local>
To: "Jay@gmail.com" <Jay@gmail.com>, "Jay@yahoo.com"
      <Jay@yahoo.com>
Date: Wed, 16 Mar 2011 09:31:33 -0400
Subject: test 931
Thread-Topic: test 931
Thread-Index: AQHL49538EGTJrsOqUyB6fEs358Kyg==
Message-ID: <353D535E1DCBE8458BEC3D723608B425064A77395D@WIN2008Exch.ABC.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/alternative;
      boundary="_000_353D535E1DCBE8458BEC3D723608B425064A77395DWIN2008Exchva_"
MIME-Version: 1.0

0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 12

Expert Comment

by:Navdeep
ID: 35147903
Did you try to create a telnet sessions ?
0
 

Author Comment

by:Jay555
ID: 35147981

Not yet, but I just tried. I get an error saying telnet is not recognized. Should I move back to the root then type telnet?
0
 
LVL 12

Expert Comment

by:Navdeep
ID: 35148069
no, you need to install telnet client from server manager.
0
 

Author Comment

by:Jay555
ID: 35148121

I just downloaded and installed Telnet in my Laptop and ran it. here is the message:


Connecting to gmailMxRecord:25 (press Esc to cancel)...

[TELNET] FAIL: Host not found. (The requested name is valid, but no data of the requested type was found.)

Do I have to run it on my exchange server?
0
 

Author Comment

by:Jay555
ID: 35148184

I installed the Telnet client on the server and ran the same command, here is tghe result:

Connecting to gmailMxRecord...Could not open connection to the host, on port 25:
Connection failed
0
 

Author Comment

by:Jay555
ID: 35149404
I added MAIL.ABC.NET as FQDN to Internet Send Connector , then sent an email to my gmail account.
Here is the message tracking result:

RECIEVE        STOREDRIVER   from  JAY@ABC.LOCAL  to JAY@GMAIL.COM
TRANSFER     ROUTING           from  JAY@ABC.LOCAL  to JAY@GMAIL.COM
SUBMIT          STOREDRIVER   from  JAY@ABC.LOCAL  to   blank?

I checked my gmail account it was not delivered .
0
 
LVL 12

Expert Comment

by:Navdeep
ID: 35153018
Hi

You need to establish telnet sesion from hub transport server if you are not able to establish a connection then try with some domain to narrow down the issue but if u still not able to connect to any domain then check ur firewall and find out why outbound smtp is blocked
0
 

Author Comment

by:Jay555
ID: 35153409
Hello,

As I mentioned before, I ran MxToolBox on my public IP (74.103.10.158) and found out it is block listed as SPAMPBL in Spamhause.org. I called MxToolBox about it. They told me because it is a Dynamic IP, Verizon has them listed blocked via SPAMHAUSE.
Going back to TELNET, I was able to telnet my mail server on port 25 (It is internal). I also sould mention that My Exchange server has all roles installed on it, only one server.
I also called Verizon Fios Internet service department to see how much it'll cost me to have a static IP. Unfortunately it costs $110 permonth and I can not afford it.
On my firewall I have port 80 open for a different server (my web server), and ports 443 and 25 for Exchange email server.
Any advise to remedy this obstacle would be much appreciated.

Jay
0
 
LVL 12

Expert Comment

by:Navdeep
ID: 35153499
It quite difficult because most of the messaging system subscribe to rbls, may be you can look into hosted solutions or some other isps for small home office buisness
0
 
LVL 12

Expert Comment

by:Navdeep
ID: 35153523
Check dyndns.com
0
 

Author Comment

by:Jay555
ID: 35153534

It is not listed in RBL, but in PBL. I created a VMware virtual environment with several servers on it. My goal is to use it as a useful lab at home to practice and test several applications and softwares.
I have my Internet access as part of Fios package.
Question: If the public IP I mentioned above is block listed as PBL, does it mean I should not be able to Telnet through port 25?
I understand the outbound emails won't be delivered. But why port 25 isn't working for Telnet?

Thanks
0
 
LVL 12

Expert Comment

by:Navdeep
ID: 35154599
RBL means real time blacklisting, i generally use that term to cover all the spectrum.

You may or may not connect to port 25 on remote server due to your ip being listed. There are security in place which may not even allow you to connect to port 25, depending upon the solution remote domain is using.
0
 

Author Comment

by:Jay555
ID: 35156260
Thank you for all your help.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now