Solved

Exchange 2013 - from Internet bounces with smtp;554 5.4.4 SMTPSEND or is accepted but never delivered

Posted on 2013-06-07
Last Modified: 2015-07-08
Setting up a new 2013 exchange server to replace our old 2003.

Mail from the Internet is fed through Postini and then on to us. Some gets queued for delivery but never shows up. Others bounce with:

Message or connection acked with status Fail and response 554 5.4.4 SMTPSEND.DNS.NonExistentDomain; nonexistent domain

The problem seems to be that PART of the box (all-in-one install) knows it is both machine.localdomain and mail.publicdomain.com and part (hub?) does not. So it gets mail for user@domain.com and says "I am machine.localdomain, I can't do anything with that mail". If it does get queued it never gets delivered (I assume for the same reason). Mail sent from a phone via SMTP works (auth required) but mail from Postini does not. The bounce message says a mixture of local and Internet names:

Generating server: machine.localdoamin
 
user@domain.com
 #554 5.4.4 SMTPSEND.DNS.NonExistentDomain; nonexistent domain ##
 
Original message headers:
 Received: from machine.localdoamin (192.168.1.5) by
 machine.localdoamin (192.168.1.5) with Microsoft SMTP Server (TLS) id
 15.0.516.32; Fri, 7 Jun 2013 13:42:00 -0500
Received: from psmtp.com (64.18.1.46) by mail.domain.com (192.168.1.5) with
 Microsoft SMTP Server (TLS) id 15.0.516.32 via Frontend Transport; Fri, 7 Jun
 2013 13:41:42 -0500
Received: from mail-lb0-f173.google.com ([209.85.217.173]) (using TLSv1) by
 exprod6mx196.postini.com ([64.18.5.10]) with SMTP;      Fri, 07 Jun 2013 11:41:41
 PDT
Received: by mail-lb0-f173.google.com with SMTP id t10so4535583lbi.4


On a related note: OWA Mobile login as user@localdomain works, user@domain.com (their email address) does not.
Question by:dlwynne
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39231528
Exchange doesn't allow login via email address.
If you want to use the email address then you must match it with the UPN on the user account. They will be the same, but completely unrelated.

Does Postini deliver anywhere else? Do you have multiple hosts in the system?

Any patterns? Same users all the time, same senders?

Simon.
 

Author Comment

by:dlwynne
ID: 39235539
It is a DNS issue. The box passes mail internally using SMTP as well as externally. I have the FQDN of the external parts set to mail.domain.com. Internal is set to machine.localdomain and you can't change the FQDN if Exchange auth type is on. Mail.domain.com can be resolved by any DNS server, but machine.localdomain can only be resolved by our PDC and SDC. So depending on how I set up the DNS server list and which one it picks, it doesn't know who machine.localdomain is and how to connect to it to pick up or hand off mail - even though this all runs on a single box and single IP.

For now, running our PDC as the DNS and/or a hosts entry for machine.localdomain seems to have (kludge) fixed it.

If I don't need Exchange auth, then I can change the FQDN of all the parts and fix it the right way?
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39240686
The first thing you should do is check that the FQDN on the SMTP virtual server on Exchange 2003 is set to the server's REAL name, or is set to an FQDN that resolves internally. If not then you need to correct it. That can cause email delivery issues.

If you turn off Exchange Authentication then you will have problems completing the migration, so this is not something that you should do.

Simon.
 

Author Comment

by:dlwynne
ID: 39254573
There is no connection between the 2003 and 2013 servers. They are on different domains. I manually added the users and moved the data via PST export / import.

If I have a single 2013 box is there a reason to leave Exchange auth on? Is it used in 2013 for the hub to talk to the front end?
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39256106
Don't touch the authentication settings, they are not the source of the problem.
The only thing that you have to do with authentication to be able to accept email is enable Anonymous on the Receive Connector of the machine accepting email from the internet - nothing else. No other settings should be touched.

The references to the internal domain are perfectly normal because Exchange is transferring the email internally using the internal name.

I would check your DNS configuration. You should have INTERNAL only DNS servers everywhere, no external DNS settings. If you have set external DNS on any connectors, remove them.

Simon.
 
LVL 1

Accepted Solution

by:
progressiontnz earned 500 total points
ID: 39394712
The problem is a wrong DNS setting.
Go to the EAC > Servers > Click on the server > edit (pencil)

On the left click on DNS.
Select a correct network adapter that points to the internal DNS server.
Do this for both External and Internal adapters.

This is especially an issue with Exchange servers running as a VM.

Hope this helps.
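
Added example (not part of the original answer or of any poster's configuration): an Exchange Management Shell check for the condition described in this thread, where only some of the DNS servers the transport services can pick are able to resolve the server's internal name. It assumes Windows Server 2012 or later (for `Get-NetAdapter` and `Resolve-DnsName`); `machine.localdomain` is the thread's placeholder name and the adapter GUID in the last step is a placeholder.

```powershell
# Run in the Exchange Management Shell on the Exchange 2013 server.
# Placeholder: use the name shown as "Generating server" in the bounce.
$InternalFqdn = 'machine.localdomain'

# 1. Show which adapter and DNS servers each transport service is set to use.
#    An adapter GUID of all zeros means "all network adapters".
$props = 'Name',
         'InternalDNSAdapterEnabled', 'InternalDNSAdapterGuid', 'InternalDNSServers',
         'ExternalDNSAdapterEnabled', 'ExternalDNSAdapterGuid', 'ExternalDNSServers'
Get-TransportService         -Identity $env:COMPUTERNAME | Format-List $props
Get-FrontendTransportService -Identity $env:COMPUTERNAME | Format-List $props

# 2. Ask every DNS server on every active adapter for the internal name.
#    Any row with ResolvesInternalName = False is a server that produces the
#    "SMTPSEND.DNS.NonExistentDomain" bounce when transport happens to use it.
$results = foreach ($adapter in (Get-NetAdapter | Where-Object Status -eq 'Up')) {
    $servers = (Get-DnsClientServerAddress -InterfaceIndex $adapter.ifIndex `
                    -AddressFamily IPv4).ServerAddresses
    foreach ($server in $servers) {
        $answer = Resolve-DnsName -Name $InternalFqdn -Server $server `
                      -DnsOnly -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Adapter              = $adapter.Name
            AdapterGuid          = $adapter.InterfaceGuid
            DnsServer            = $server
            ResolvesInternalName = [bool]$answer
        }
    }
}
$results | Format-Table -AutoSize

# 3. Shell counterpart of the EAC change in the accepted answer: bind both the
#    internal and external lookups to an adapter whose DNS servers all passed
#    step 2. Replace the placeholder GUID with an AdapterGuid from the table.
$guid = '<AdapterGuid-from-step-2>'   # placeholder, not a real value
# Set-TransportService         -Identity $env:COMPUTERNAME `
#     -InternalDNSAdapterGuid $guid -ExternalDNSAdapterGuid $guid
# Set-FrontendTransportService -Identity $env:COMPUTERNAME `
#     -InternalDNSAdapterGuid $guid -ExternalDNSAdapterGuid $guid
```

The `Set-` lines are left commented out so the script only reports until an adapter has been chosen; the transport services need a restart before a changed adapter takes effect.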