Solved

Set PTR - IP and PTR DO NOT MATCH - smtpsvc sporadic

Posted on 2012-03-30
9
730 Views
Last Modified: 2012-06-27
The PTR and IP address do not match, but I don't know how to fix it.
Email on smtpsvc sporadic and I think from all I read that this is the reason.
I used nslookup to get the PTR and it's 10.10.1.1.
How do I set the PTR to the IP address?  
What else will that affect?  I don't want to lose connectivity.
This is on Windows 2008 server running Windows Firewall through a router.
I understand ISP has to give me a smart host and that may fix this, but they will not cooperate.

Would it cause this error:

Message delivery to the host '166.181.112.1' failed while delivering to the remote domain 'email.uscc.net' for the following reason: An SMTP protocol error occurred.
Log Name:System
Source: smtpsvc
Event ID:  4006
Level: Warning
User: N/A
OpCode:
Keywords: Classic
Computer: CWEB
0
Comment
Question by:dcass
9 Comments
 
LVL 39

Accepted Solution

by:
footech earned 500 total points
ID: 37790145
You need to use an external source for querying your records for this.  One good option is to use www.mxtoolbox.com and enter your domain to perform a check, however this won't explicitly tell you what IP you're sending from.  It will tell you what MX records you have and what IP those resolve to, which in many cases can be the same IP that you send from, but not always.  The 10.10.1.1 that you mentioned above is your internal IP and pretty much has no impact at all on your ability to send email (assuming the machine can communicate with the rest of the network).  You should know what public IPs you have assigned to you.  If you don't know what IP you're sending from, you can look at the headers of an email you send out, look for a line that starts with "Received: from [xxx.xxx.xxx.xxx]".  The x's will be your IP.  Now that you know that, you can lookup the records associated with that IP, either by using an external service like MXToolbox (www.DNSStuff.com is another good one, just sign up for a free trial) or using nslookup pointed at an external DNS server (something like "nslookup -q=ptr <YourExternalIP> 8.8.8.8").  You should have an A record that resolves to the IP you're sending from.  And you should also have a PTR record for that IP that resolves back to the name of the A record.

I'm going to copy a post I made in another question.>>>>>>>>>>>>>>
Some mail servers will block you when your SMTP Banner isn't a valid FQDN and/or doesn't match with the FQDN that the PTR record for the IP you're sending from resolves to.  For example, if the IP you're sending from is 100.200.300.400, and the PTR record for that IP resolves to mail-out.example.com, then your SMTP Banner should be mail-out.example.com.  And the A record for mail-out.example.com should resolve to 100.200.300.400.  If you're sending and receiving from different addresses, this doesn't have to match up with your MX record (your MX record could be for mail-in.example.com).
>>>>>>>>>>>>>>>>>>>>>>>

Your MX and A records can be modified by you, usually wherever you have your domain registered.  The PTR record needs to be modified by your ISP since they are the ones that actually own or control the IP (they're just letting you use it).  You can just contact them and tell them that you need a PTR record created or changed for the specific IP to point to the right name.

A smarthost is another way to go, which basically uses someone else to send and/or receive email for you, as they've already got their records in order, but it's not necessary.

Not certain about the error message you posted.  It could be caused by an incorrect firewall or antivirus configuration.  Make sure your records are in order and then try to troubleshoot this if you're still getting errors.
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 37791123
Hi,

First of all internet and Intranet DNS es are different. As the original post indicates when you resolve the SMTP server address you get an 10.10.x.x address. This is an intranet address and probably coming from your Active Directory server which serves only the intranet.  it has nothing to do with your external IP address of your server which is 166.181.112.1. This must be served from an external DNS either on-site or you ISP handles it. So when you're in intranet you get 10.10.x.x addressa nd wehn you're outside you get 166.182.112.x address. This is called Split DNS.

So you have 2 problems:
- Internal DNS might have wrong reverse DNS info. You can simply test it by nslookup. if "nslookup hostname" returns an IP and t "nslookup host-ip" returns another name then the internal DNS is not up-to-date. You'll need to login to your AD server and launch DNS snap-in from the Administrative Tool edit 1.10.10-in-addr.arpa. domain and correct the PTR info for your server. But this just it and there's nithing to do with your external DNS.
- I  don't think the problem with your server access from outside access is related to the DNS. it seems that your DNS is correctly resolving the external relay host but it can not deliver e-mails to it. So either your authentication information is incorrect or something is blocking access to it. Try to logon to your mail server and use telnet and check if you can get logon banner of your relay. In anyway you have to contact your ISP support this is nothing you could solve on your own.

Cheers,
K.
0
 
LVL 13

Expert Comment

by:Sandy
ID: 37793213
Change the PTR record in RDNS according to your required hostname
0
 

Author Comment

by:dcass
ID: 37798354
How do I find someone to look at this and fix it?  The people I hired have charged me $900 and they still do not have a clue.  I have no money left and still no text messages will go out.
I have a fire department that uses this, so people's lives are at stake.

Email goes out fine, but text message email (the bulk of my business) gives smtpsvc error "SMTP protocal error occurred" and it sits in the queue.

Header (same as regular email) - specifics have been changes (domain, ip):
Received: from CWEB ([127.0.0.1]) by CWEB with Microsoft SMTPSVC(7.5.7601.17514);
       Mon, 2 Apr 2012 15:21:46 -0500
thread-index: Ac0RDjn1RykHswCMTie4MsWkjT94tQ==
From: "Lakehse" <lakehse@aol.com>
To: <6369999999@email.uscc.net>
Date: Mon, 2 Apr 2012 15:21:46 -0500
Message-ID: <6CADF58EEF2D4CBB96AE906577CC337C@CWEB>
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.1.7601.17609
Return-Path: lakehse@aol.com
X-OriginalArrivalTime: 02 Apr 2012 20:21:46.0355 (UTC) FILETIME=[39FA9430:01CD110E]
testest
(AWS)
0
Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

 
LVL 39

Expert Comment

by:footech
ID: 37801134
What have you done so far?  Did you check your records and find they're OK or were you not able to do that?

If you want to send me an email to the address in my profile, I can check out your records.  Make sure the email is from this domain that is having problems.

However, if all emails are going out just fine, but your text messages aren't, then we have to look at what's different there.
Where are the text messages coming from (how are they being generated)?
Have you successfully sent an email to the same recipient but from a different source like GMail? - to verify that *any* messages are getting through
0
 

Author Comment

by:dcass
ID: 37807991
All the emails go out fine except for the fact that I used to send out 500 at a time and now I can only send out 30 - with a list of 3000, that's a pain.  I get "The connection to the server was reset while the page was loading
  The site could be temporarily unavailable or too busy. Try again in a few
    moments."
I've adjusted every IIS setting I can find and no change.  

However, when I change it to a text message (ex: 9999999999@vtext.com), I get a system message that says that the protocols do not match and they just sit in the queue.  I'm using CDOSYS, standard ASP code (that works for email).  
So I changed it from localhost to smtpout@secureserver.net (GoDaddy) with authentication (and since that's a limited amount per day, I'd appreciate suggestions on other email to use).  It works, but it actually locked up my system - twice, so I can't send out in any volume (and this is my core business).
I wish I'd never upgraded to W2008 but I'm stuck with it now, so I appreciate any help.
A      cportals.com      99.99.99.210 (not real ip)
smtp times out - incoming is closed on port 25 because of hacker abuse
ns: cportals.com
mx: goes to godaddy servers-  priority 0: (smtp.secureserver.net 216.69.186.201), priority 10: (mailstore1.secureserver.net      72.167.238.201)
PTR      99.99.99.210      colo2-cportals-210.epconline.net (matches A record)
cname is not found - curious.
0
 
LVL 39

Expert Comment

by:footech
ID: 37809847
I've requested attention to this question.  I can't tell if this is more an issue with records, or with IIS (SMTP service) and it's configuration and/or ASP.  One thing I would suggest is to turn up logging for the SMTP protocol and look in your event logs for SMTP errors.  This may provide further helpful information.

Since relaying through another server (GoDaddy) works for you, this does point (at least to me) to towards a problem with your records.  Make sure your SMTP banner is set to the same FQDN that matches with the IP you're sending from.  Go on MXtoolbox and make sure you're not on any blacklists.  A SMTP server can also be configured as to how many connections per server to allow - this might be a factor for you.
0
 

Author Comment

by:dcass
ID: 37818140
My ISP provided an email on his email server, so case closed.
0
 

Author Closing Comment

by:dcass
ID: 37818141
This answer taught me so much!
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now