We help IT Professionals succeed at work.

Realying error

jscimeca33
jscimeca33 used Ask the Experts™
on
I purchased a new domain. Setup MX records to point to our exchange server. Everything seems to be setup correctly and started receiving emails. Now we get an error stating:

Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 550 550 5.7.1 <***@currentlightingelectric.com>... Relaying denied (state 14).

Not sure what else to do.

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Did you add an SPF record to your public DNS servers?
Also, did you contact your ISP and have them setup a Reverse DNS record for you?

You need both. Most spam filters and major ISP's now check for both. If you don't have them, your domain can't be verified and emails will get rejected.

Author

Commented:
I just added an SPF record to my public DNS Server.
My ISP did setup the reverse DNS for me in the begining of the week.

Do I need to wait for the SPF record to propagate?
Yes, it's just like any other DNS change. Give it 24 hours.
kevinhsiehNetwork Engineer

Commented:
Since the problem seems to be RECEIVING email from google, SPF isn't the issue. In fact, your SPF record is invalid. Check validation at http://www.kitterman.com/spf/validate.html

It sounds like one of your servers rejected email from google. It could have been either of the MX servers listed in DNS. Double check both of them to make sure they are both set to accept email for your domain.

Non-authoritative answer:
currentlightingelectric.com     MX preference = 20, mail exchanger = smtp2.currentlightingelectric.com
currentlightingelectric.com     MX preference = 10, mail exchanger = smtp1.currentlightingelectric.com

smtp2.currentlightingelectric.com       internet address = 8.11.253.43
smtp1.currentlightingelectric.com       internet address = 206.217.76.123

FWIW, the reverse DNS on your MX servers doesn't match the A records. Could be a problem if you use them for sending.
From my tests, it seems that the primary MX (206.217.76.123) is down and the secondary (8.11.253.43) does not accept mails for currentlightelectric.com
Since it's greeting has a totally different name, I assume that it is a thoird party mail server used as backup.
Howevre, apart from mentioning in as an MX record it still needs to be configured to accept (and relay) mails for your domain.
I guess that it is a Linux 2.6 system but am unsure which mail server is running; the exact method of configuring a domain as relayable depends on it.
On the other hand, an operational failover MX won't help in the long run unless you get your primary MX server (back) up.
@ kevinhsieh - I believe his issue is sending. jscimeca33 stated that "Google tried to deliver your message, but it was rejected by the recipient domain" indicating the email was sent from his Exchange server to a Google account, but it was rejected. Unless he's using Google as a relay, Google shouldn't be trying to delever email at all unless it's destination is a Google account.

@ jscimeca33 - Can you verify this please?

Author

Commented:
@jzaniewski The issue is receiveing.  Not sending, we can send out no problem.  If you send an email to 123test@currentlightingelectric.com you will get a kick back.  5.7.1 relaying denied.  
The MX records are pointing the the correct IP.  We have multiple domain names all pointing here.  I setup the SPF records this morning, they look valid also.  
I just sent a test to that account.

msw.alliancebuildingservices.com rejected your message to the following e-mail addresses:
'123test@currentlightingelectric.com' (123test@currentlightingelectric.com) <mailto:123test@currentlightingelectric.com>
msw.alliancebuildingservices.com gave this error:
<123test@currentlightingelectric.com>... Relaying denied

The responding server was "msw.alliancebuildingservices.com" not "currentlightingelectric.com". Is your Exchange server correctly configured to accept email for "currentlightingelectric.com"?  Also, double check your public A record for your server and make sure the IP address is correct.

Author

Commented:
I checked the exchange server and it looks to be setup correctly.  Where should check to see if it accepts emails from currentlightingelectric.com?  The strange thing is after we put in the MX records the next day we started to receive some emails but then it stopped.    
Which version of Exchange are you using?