Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 599
  • Last Modified:

User cant send email to their home email from the exch 2010 server

I just setup and exchange 2010 server and migrated a couple of users from the exch 2003 to the 2010. All seems to be working ok but the users say they cant send email to their home email for some reason. They get this message:
nlpi135.prodigy.net rejected your message to the following e-mail addresses:

 
Is there something I need to change in DNS or something on the 2010 server?

0
vmich
Asked:
vmich
  • 10
  • 7
  • 3
  • +2
1 Solution
 
morpheiosCommented:
Possible mail was rejected as spam. See logs
0
 
vmichAuthor Commented:
I dont see anything in the logs and I logged in with a test account on the same system and I can send an email to my home email, but the user sid they cannot.
0
 
Acosta Technology ServicesCommented:
Possibly an issue with reverse DNS setup.  Can you try the following:

Go to:  mxtoolbox.com

Put in your domain and do the MX lookup.  Once complete, click the "SMTP Test" and let us know if there are any warnings or failures.  Also, can you post the full error received from Prodigy.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
morpheiosCommented:
Is nlpi135.prodigy.net  your mail server? Or its ISP smtp of your user? In this case nlpi135.prodigy.net i think need authentification.
0
 
vmichAuthor Commented:
nlpi135.prodigy.net is not the mail server..
0
 
vmichAuthor Commented:
I went to mxtoolbox and ran the smtp test and all came back with green check marks. No warnings at all..
Here is the error from prodigy:
nlpi135.prodigy.net gave this error:
Connections not accepted from servers without a valid sender domain.nlpi135 Fix reverse DNS for, then the ip address is listed for the external ip of the exch server
0
 
CNS_SupportCommented:
Yes it could be identified as Spam.  Configure the Exchange Server with a Smart Host.
Ie, the mail should be forwarded to the ISP mail server for delivery.
If it is a Reverse DNS issue, you will need to contact your ISP and have them configure a Reverse DNS on your IP address for your domain name.  (This can get complicated when you host multiple names)
David
0
 
Acosta Technology ServicesCommented:
on mxtoolbox.com; go to the more tab on the right and select "reverse dns".  put in your external IP and see if it comes back correctly.
0
 
morpheiosCommented:
So U cann't do something with alien server.

I think your user must set up authentification on his mail client, or select another smtp server.
0
 
vmichAuthor Commented:
when I run the reverse lookup, it comes back and says no records found
0
 
Acosta Technology ServicesCommented:
Ok, when you moved to the new Exchange server did you contact your ISP and have the reverse DNS records changed?
0
 
vmichAuthor Commented:
Uhhh,
No not yet because we have only moved 1 user for testing and have not moved the others yet. So I guess the issue will stay until we move all of the users and decommis the old server and then have the ips make the change?
Is this correct?
0
 
Acosta Technology ServicesCommented:
Can you run message tracking on the 2003 server; check if your 2010 server is sending mail through 2003 or out of it's own internet routing group.  Are you running 2003 and 2010 on different public IPs?
0
 
CNS_SupportCommented:
If you are using the same internet connection as before, then your IP will not have changed.
Also if you are using the same domain name then that wouldn't have changed either. (Not that you had Reverse DNS configured anyway)
Try the Smart host option in Exchange.
Exchange Management Console
Expand Organisation Configuration
Select Hub Transport and from the tabs in the middle section,
Select Send Connectors
double click your connector and then select the Network tab
Route mail through the following smart hosts:
Add the mail server of your internet service provider.  Add authentication if required (most in Aust. dont)
Try again.
0
 
vmichAuthor Commented:
Wll the 2003 server is sending out email for the 2003 users and the 2010 server is sending out email for the 2010 users.
So my quesiton is, what do I need to setup on the 2003 or 2010 or both to have the 2010 server send it email through the 2003 server?
I tried setting up a new internet conn on the 2010 and put in the fqdn of the 2003 server, but the 2010 email still does not go through the 2003 server.
0
 
Acosta Technology ServicesCommented:
Are they going out the same public IP address, or do you have seperate public IP's for each server?
0
 
vmichAuthor Commented:
seperate public ips for now. Will be migrating all of the users next week from the 2003 to the 2010 but just want to be able to have the few users that are on the 2010 now be able to send emails to addresses like aol or comcast which look for the rdns, so the users dont get bounce back messages.
0
 
Acosta Technology ServicesCommented:
Perfect, call your ISP and have reverese DNS setup on the 2010's public IP address.  You'll definately need it if that's the long-term mail IP address.  
0
 
vmichAuthor Commented:
I guess that is the only way to get this accomplished then for now?
0
 
Acosta Technology ServicesCommented:
It's your best option.  You need to have reverse DNS setup to comply with today's mail standards.  If this is your new permanent mailflow IP, then it should be setup with your ISP ASAP.  It's a very quick process and will fix the current issues, as well as avoid future problems with NDR's and possible blacklisting.
0
 
PapertripCommented:
Along with a matching A/PTR record as operationnos mentioned, you should also add an SPF TXT record into DNS for your domain(s).

If your new public IP is 1.2.3.4, use the following syntax.
"v=spf1 ip4:1.2.3.4 -all"

Open in new window


You can add additional ip4 mechanisms to cover all of your sending IP's for a specific domain.
"v=spf1 ip4:1.2.3.4 ip4:1.2.3.5 -all"

Open in new window

0
 
PapertripCommented:
I should add that, if you already had an SPF record for the sending domain, but did not include the new IP and have -all set, then you will most definitely get rejected by most receivers.  
0
 
vmichAuthor Commented:
I had to have the outside pointed to the new exchange server once i migrated all of the users and then the issue was resolved.
0
 
vmichAuthor Commented:
thanks worked well
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 10
  • 7
  • 3
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now