Solved

Exchange 2007 HELO / rDNS errors and issues sending mail to some domains

Posted on 2013-06-01
7
469 Views
Last Modified: 2013-06-03
Hi all,

I am working on a server that is having issues sending mail to a handful of recipients.  This is not a server or environment that I have configured, and I am tired and have confused myself.  I have run some of the MXtoolbox and DNSstuff checks, to find a few things:

MXToolbox reports that my rDNS is working fine.

DNSstuff, reports:

"WARNING: The hostname in the SMTP greeting does not match the reverse DNS (PTR) record for your mail server. This probably won't cause any harm, but may be a technical violation of..."

Now, when I send to one person's domain I get this error:

smtp2.wedohosting.com #554 We do not accept mail from hosts without a reverse dns PTR record. Please contact your Internet Service Provider to have this fixed. ##

So, I started fishing for EHLO and HELO info, to find this out:

1)  All of my records show that mail1.mydomain.com -> XXX.XXX.XXX.XX9 (note the 9!)

2) When I run the HELO/EHLO check on abuseseat.org, it reports that mail1.mydomain.com -> XXX.XXX.XXX.XX8 (note the 8!)

I'm tired and can't figure out why these are different, and am convinced that is the inherent problem in sending to some domains.  Am I right?  How am I to move forward?

Thanks for all the help in advance, and I will provide any information needed further, as quickly as I can.
0
Comment
Question by:browningit
  • 4
  • 2
7 Comments
 
LVL 27

Accepted Solution

by:
davorin earned 400 total points
ID: 39212954
You should ask the ISP provider to set rDNS record to match SMTP banner.
These two should be the same.
And this can be the reason of most sending mail problems.
You should also look at blacklists if the server's IP is on them.
0
 
LVL 2

Author Comment

by:browningit
ID: 39212995
I figured it might have been a typo, and I thought there was something off here. Will ping back when I hear from.
0
 
LVL 27

Expert Comment

by:davorin
ID: 39213108
OK.
And enabling logging on SMTP connectors can help you find the reasons of problems on SMTP mail flow.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 100 total points
ID: 39214174
The external sites that test SMTP also give you false information.
On Exchange 2007 and higher the RECEIVE Connector and the SEND Connector give out different information. Those sites make a connection to your server and get the RECEIVE connector banner. That cannot match your PTR.
The one that is important for sending email is the SEND Connector FQDN, which you can check for yourself and should match the PTR, have a valid matching A record and be the correct address going through the NAT on your firewall.

Simon.
0
 
LVL 2

Author Comment

by:browningit
ID: 39214483
davorin - it appears now that mail is working (at least this hour, I will continue to check throughout the day) to the domains I was previously having issues with.  No bounce backs to report.

Simon - thank you for your information.  At this time, I am of the mind that I have all that information in line with what you mentioned.  I will verify it and your comments just to ensure later, but as for now my mail appears to be happy.

I'll close this topic out tomorrow, should all go well today.

Cheers,
0
 
LVL 2

Author Comment

by:browningit
ID: 39216070
Davorin - Yes, this was indeed my issue.  Glad that I was on the right page and happy that you confirmed.

Simon - Yes, all your information is perfect.  Mail is still going well, and receive connectors were an untouched issue in this matter.  Thanks for all your input.

Very glad to have you all around when I get tired on the weekends.  Working together makes my life easier!  Points for everyone!
0
 
LVL 2

Author Closing Comment

by:browningit
ID: 39216072
Both users clarified my original notes well, and added in thorough descriptions for other people reading it in the future.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now