?
Solved

Why my mail bounced back?

Posted on 2011-09-08
21
Medium Priority
?
266 Views
Last Modified: 2012-06-22
This is using MS Exchange 2003 server in w2k3 ad domain. Recently, few users told me that they got bounced message whenever trying to send to the recipient with error messages:

    did not reach the following recipient(s):

    user1@abc.com on Thu, 8 Sep 2011 18:31:00 +0800
    You do not have permission to send to this recipient.  For assistance, contact your system administrator.
    <mx1.def.com. #5.7.1 smtp;554 5.7.1 Client host rejected: cannot find your reverse hostname, [x.x.x.x]>

The error message said cannot find my reverse hostname? What can I do to accomplice this reverse hostname?
0
Comment
Question by:MezzutOzil
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
  • 5
  • +2
21 Comments
 
LVL 97

Expert Comment

by:Experienced Member
ID: 36501831
You need to talk to your ISP and ask them to put in a Reverse Lookup for you. You cannot do it yourself.

You need your ISP to add a Reverse A record similar to this form:  

Needed PTR: 107.xxx.zzz.yyy.in-addr.arpa -> mailserver name

This will permit receivers to know you are legitimate. You cannot do this yourself.

.... Thinkpads_User
0
 
LVL 13

Expert Comment

by:notacomputergeek
ID: 36503273
Go to www.dnsgoodies.com and type in your mail server (e.g. mail.contoso.com) in the 'Reverse DNS Lookup' to see what it resolves to.

Yes, thinkpads_user is right, this needs to resolve correctly.
0
 

Author Comment

by:MezzutOzil
ID: 36503918
Hi both,

I can get the correct resolutions.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 97

Expert Comment

by:Experienced Member
ID: 36503967
The error message says the reverse resolution is not working correctly, so you need to contact your ISP and not rely on any lookup until they give you an answer. It could, of course, be something different, but do contact them.

... Thinkpads_User
0
 
LVL 13

Expert Comment

by:notacomputergeek
ID: 36504022
Are you receiving your e-mail directly into Exchange or are you setup so that your e-mail gets delivered to a hosting mail server and you use POP3 from your Exchange to go get it?
0
 

Author Comment

by:MezzutOzil
ID: 36504292
Outgoing mails send directly out from Exchange server. For incoming mails, they have to go through a mail gateway (using Centos with MailScanner), before reaching the same exchange server...
0
 
LVL 13

Expert Comment

by:notacomputergeek
ID: 36504371
Are you hosting Centos so that both servers are behind the same WAN IP?
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36504602
What is the fqdn of your sending server?
0
 
LVL 97

Expert Comment

by:Experienced Member
ID: 36504610
Here is a Reverse Lookup for a known working Exchange system behind a Brightmail spam scanner.

Server: 192.168.5.6
 Address: 192.168.5.6#53  <--- This address does not relate to my client.
 
Non-authoritative answer:
 Name: mail1.clientname.com  <--- This is correct for my client.
 Address: xxx.yyy.zzz.107  <--- This is the Brightmail address, not the Exchange Server.

Let us know what you see.

.... Thinkpads_User

 
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36504677
If you tell us the FQDN of your sending server(s), we can easily verify if DNS looks ok.
0
 

Author Comment

by:MezzutOzil
ID: 36507574
mx3.vbh.com.sg
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36507591
pod@box:~$ dig mx3.vbh.com.sg +short
119.73.242.126

Open in new window


pod@box:~$ dig -x 119.73.242.126

; <<>> DiG 9.7.0-P1 <<>> -x 119.73.242.126
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45499
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

Open in new window


Your reverse record for mx3.vbh.com.sg does not exist.  You need to contact whoever handles DNS for your domain and request they add a PTR record for all of your outgoing mail servers.

That will definitely fix the original problem.
0
 
LVL 97

Expert Comment

by:Experienced Member
ID: 36507611
I found the same thing on another look, and that (contact ISP) goes all the way back to my first post.

..... Thinkpads_User
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36507620
Well, technically, you were just guessing at the solution during the first post, so you didn't really "find" anything.  I found and posted conclusive evidence of what the actual problem is.


Don't forget you said:
It could, of course, be something different, but do contact them.
0
 
LVL 97

Expert Comment

by:Experienced Member
ID: 36507635
True, but we had no information until the FQDN was posted and then we both found the same thing. There was no other way initially. ... Thinkpads_User
0
 
LVL 21

Accepted Solution

by:
Papertrip earned 2000 total points
ID: 36507640
You are absolutely correct, I never said anything along the lines of your answer not being correct, but it wasn't able to be proven at that time.
0
 

Author Comment

by:MezzutOzil
ID: 36516179
Hi both,

Thanks for your info. I'll contact ISP for the mx record registration.
0
 
LVL 23

Expert Comment

by:yo_bee
ID: 36516194
Are you on a Dynamic IP (i.e. Cable ) or do you have a static?
I had this issue back in 2000 when I setup one of my first clients and I was unable to send mail to AOL or Hotmail because I was part of a dynamic pool of addresses.  Most ISP's will not create PTR on the dynamic pool of addresses.

I needed to setup a SMTP Connecter to route all mail through my ISP SMTP Server.  This solved my issue.
If you have a static address you should be able to have a PTR created as ThinkPads_User mentioned.

0
 

Author Closing Comment

by:MezzutOzil
ID: 36526928
Excellence
0
 
LVL 97

Expert Comment

by:Experienced Member
ID: 36526935
That was a strange answer you accepted. You might have at least split points.
 ... Thinkpads_User
0
 
LVL 23

Expert Comment

by:yo_bee
ID: 36526946
Maybe it was a setup for point dumping.
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Suggested Courses

741 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question