• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 484
  • Last Modified:

Exchange 2007 HELO / rDNS errors and issues sending mail to some domains

Hi all,

I am working on a server that is having issues sending mail to a handful of recipients.  This is not a server or environment that I have configured, and I am tired and have confused myself.  I have run some of the MXtoolbox and DNSstuff checks, to find a few things:

MXToolbox reports that my rDNS is working fine.

DNSstuff, reports:

"WARNING: The hostname in the SMTP greeting does not match the reverse DNS (PTR) record for your mail server. This probably won't cause any harm, but may be a technical violation of..."

Now, when I send to one person's domain I get this error:

smtp2.wedohosting.com #554 We do not accept mail from hosts without a reverse dns PTR record. Please contact your Internet Service Provider to have this fixed. ##

So, I started fishing for EHLO and HELO info, to find this out:

1)  All of my records show that mail1.mydomain.com -> XXX.XXX.XXX.XX9 (note the 9!)

2) When I run the HELO/EHLO check on abuseseat.org, it reports that mail1.mydomain.com -> XXX.XXX.XXX.XX8 (note the 8!)

I'm tired and can't figure out why these are different, and am convinced that is the inherent problem in sending to some domains.  Am I right?  How am I to move forward?

Thanks for all the help in advance, and I will provide any information needed further, as quickly as I can.
0
browningit
Asked:
browningit
  • 4
  • 2
2 Solutions
 
davorinCommented:
You should ask the ISP provider to set rDNS record to match SMTP banner.
These two should be the same.
And this can be the reason of most sending mail problems.
You should also look at blacklists if the server's IP is on them.
0
 
browningitSysadminAuthor Commented:
I figured it might have been a typo, and I thought there was something off here. Will ping back when I hear from.
0
 
davorinCommented:
OK.
And enabling logging on SMTP connectors can help you find the reasons of problems on SMTP mail flow.
0
What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

 
Simon Butler (Sembee)ConsultantCommented:
The external sites that test SMTP also give you false information.
On Exchange 2007 and higher the RECEIVE Connector and the SEND Connector give out different information. Those sites make a connection to your server and get the RECEIVE connector banner. That cannot match your PTR.
The one that is important for sending email is the SEND Connector FQDN, which you can check for yourself and should match the PTR, have a valid matching A record and be the correct address going through the NAT on your firewall.

Simon.
0
 
browningitSysadminAuthor Commented:
davorin - it appears now that mail is working (at least this hour, I will continue to check throughout the day) to the domains I was previously having issues with.  No bounce backs to report.

Simon - thank you for your information.  At this time, I am of the mind that I have all that information in line with what you mentioned.  I will verify it and your comments just to ensure later, but as for now my mail appears to be happy.

I'll close this topic out tomorrow, should all go well today.

Cheers,
0
 
browningitSysadminAuthor Commented:
Davorin - Yes, this was indeed my issue.  Glad that I was on the right page and happy that you confirmed.

Simon - Yes, all your information is perfect.  Mail is still going well, and receive connectors were an untouched issue in this matter.  Thanks for all your input.

Very glad to have you all around when I get tired on the weekends.  Working together makes my life easier!  Points for everyone!
0
 
browningitSysadminAuthor Commented:
Both users clarified my original notes well, and added in thorough descriptions for other people reading it in the future.
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now