SMTP error from remote mail server after RCPT

We are trying to send emails to an email address user@xxxx.k12.mt.us and get the following error. Can someone help me understand why we are getting this error.



-----Original Message-----
From: Mail Delivery System [mailto:Mailer-Daemon@localhost.localdomain]
Sent: Tuesday, October 16, 2012 1:14 PM
To: user@company.com
Subject: Mail delivery failed: returning message to sender

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  user@xxxx.k12.mt.us
    SMTP error from remote mail server after RCPT
TO:<nichole_emerson@gfps.k12.mt.us>:
    host mx1.xxxx.k12.mt.us [69.51.X.X]: 554 5.7.1
<unknown[66.148.X.X]>:
    Client host rejected: envelope policy RBL PTRNUL

------ This is a copy of the message, including all the headers. ------
------ The body of the message is 406334 characters long; only the first
------ 106496 or so are included here.
LVL 1
NoobNKCAsked:
Who is Participating?
 
supportsConnect With a Mentor Commented:
If you are sending email and it reverting back with the above mentioned information.
It could be possible that the email address is invalid and might not have any issue from your end.

If you have any other email address of a user in the same domain. Send them an email to ensure that email is bouncing back. However, you need to make sure that the email address your sending to exist.
0
 
James HIT DirectorCommented:
If I am reading this right, your email is rejected due to a missing PTR record.
Do you have a reverse DNS record for your MX record?

Check your domain with www.mxtoolbox.com
0
 
NoobNKCAuthor Commented:
I checked mxtoolbox.com and it does have a reverse DNS. However when I check the SMTP Test. I get SMTP Reverse DNS mismatch - Warning Reverse DNS does not match SMTP banner.. and I get SMTP TLS - Warning - Does not support TLS

How do I correct the warnings?
0
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

 
NoobNKCAuthor Commented:
FYI. We are using MailEnable with several post offices for several sub companies/domains

Our Setup:
SMTP mail server is mail.company.com (which also has a post office for email)

company.com
A Record - Mail points to 66.xxx.xxx.1
Mx Record - @ points to mail.company.com

subdomain1.com
A record - Mail points to 66.xxx.xxx.2
Mx Record - @ points to mail.subdomain1.com

subdomain2.com
A record - Mail points to 66..xxx.xxx.3
Mx Record - @ points to mail.subdomain3.com

subdomain3.com
A record - Mail points to 66.xxx.xxx.4

Do I need to add the mail.company.com to the MX records to each subdomain MX record?
0
 
NoobNKCAuthor Commented:
Anyone?
0
 
fgrushevskyCommented:
You don't need reverse DNS for your MX records.
You need to make sure you have reverse DNS for all of your "A" records
0
 
fgrushevskyCommented:
Also, don't worry about TLS warning.  It means that you servers don't support TLS (Transportation level security), but it is not a requirement for every server.

If you need TLS for your business purposes, then you should buy SSL certificate from one of the public CAs or create a self-signed certificate, install it on your mail server and configure to use it
0
 
fgrushevskyCommented:
The other warning "Reverse DNS does not match SMTP banner" means that during SMTP session / handshake your server is coming (connecting) from IP xx.yy.zz.1 and saying something like:

Helo mailserver.mydomain.com

but reverse record for IP xx.yy.zz.1 is pointing to mailserver2.mydomain.com (and not mailserver.mydomain.com)

Again, it does not have to be 100% match, therefore it is just a warning.
In all my experience, only handful of places were checking for this match and all these places were in Germany
0
 
NoobNKCAuthor Commented:
How do I go about setting up reverse DNS for my "A" records. GoDaddy does all my DNS.
0
 
fgrushevskyCommented:
The reverse records are managed by the company that "owns" your IP block(s). It is usually your ISP.
So you will have to contact your ISP (and not GoDaddy) and ask ISP to setup reverse records for each of your A records
0
 
NoobNKCAuthor Commented:
I contacted our ISP and rDNS is in place. But why am I still getting errors when sending emails to certain domains.

Error:
-----Original Message-----
From: Mail Delivery System [mailto:Mailer-Daemon@localhost.localdomain]
Sent: Tuesday, October 16, 2012 1:14 PM
To: user@company.com
Subject: Mail delivery failed: returning message to sender

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  user@xxxx.k12.mt.us
    SMTP error from remote mail server after RCPT
TO:<nichole_emerson@gfps.k12.mt.us>:
    host mx1.xxxx.k12.mt.us [69.51.X.X]: 554 5.7.1
<unknown[66.148.X.X]>:
    Client host rejected: envelope policy RBL PTRNUL

------ This is a copy of the message, including all the headers. ------
------ The body of the message is 406334 characters long; only the first
------ 106496 or so are included here.

Any other ideas?
0
 
fgrushevskyCommented:
check your IPs (all of 66.xxx.xxx.1 - ¿¿ 66.xxx.xxx.4 ) on http://www.dnsstuff.com/

to see what is actually in place  (PTR records)
and if anything blacklisted
0
 
NoobNKCAuthor Commented:
I checked our IP's on http://www.debouncer.com/reverse-dns-check and the IP's point to the correct mail.company.com addresses, but we continue to get bounced emails.

    554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.

or the error listed above.
0
 
fgrushevskyCommented:
It means that one of more of your IPs are listed in some RBL (real time black lists)
You need to find out the RBL that has your IP and follow their instructions on how to delist your addresses
The places to check are
http://www.anti-abuse.org/multi-rbl-check/
http://mxtoolbox.com/blacklists.aspx
http://www.trustedsource.org/
http://rbl-check.org/
0
 
NoobNKCAuthor Commented:
I checked http://www.anti-abuse.org/multi-rbl-check/ and all 4 IP's Not Listed or Blocked
I checked http://mxtoolbox.com/blacklists.aspx with ZERO listed
I checked http://www.trustedsource.org/ and all 4 IP's are at Minimal Risk

Its pretty frustrating when I check to see if any of our IP's are being blocked or blacklisted and they are not. I also checked to see if our rDNS is ok and it is. I have no clue why we continue to receive errors when sending email.
0
 
fgrushevskyConnect With a Mentor Commented:
ok, this is what you can try.
Usually (often) SMTP servers provide more information during SMTP handshake (exchange) that reported in NDR messages. So you will need to perform SMTP session manually.

Pick a domain where you will have trouble sending to.
Using nslookup (or any oher DNS tool you like), find out MX records for that domain

nslookup -type=mx port25.com

Once you get MX records, from the command prompt do a following command
telnet mail.myrecipeintmx.com 25
where mail.myrecipeintmx.com is the MX record you got

Once connection is opened and you see welcome banner (will look something like :
"220 mail.myrecipeintmx.com  ESMTP service ready" ), type

EHLO server.yourdomain.com

where server.yourdomain.com is your server FQDN

once you get a response, type
MAIL FROM: <youremail@yourdomain.com>
where youremail@yourdomain.com is your sending address

once you get a response, type
RCPT TO: <recepientemail@myrecipeintdomain.com>
where recepientemail@myrecipeintdomain.com is address your are sending to.

If after all that you will get 220 .... response then you are good to go and should have no problem sending to that address.
Most likely at some point during that exercise you will get 554 or some other SMTP error with some brief explanation why the remote system does not like your message.
It might have a clue what the other system deemed wrong with your server
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.