dlwynne
asked on
Exchange 2013 - from Internet bounces with smtp;554 5.4.4 SMTPSEND or is accepted but never deivered
Setting up a new 2013 exchange server to replace our old 2003.
Mail from the Internet is fed through Postini and then on to us. Some gets queued for delivery but never shows up. Others bounce with:
Message or connection acked with status Fail and response 554 5.4.4 SMTPSEND.DNS.NonExistentDo
The probem sems to that PART of the box (all in one insatll) knows it is both machine.localdomain and mail.publicdomain.com and part (hub?) does not. So it gets mail for user@domain.com and says "i am machine.localdomain I can;t do anything with that mail" If it does get queued it never gets delivered (I assume for the same reason). Mail sent from a phone via SMTP works (auth required) but mail from Postini does not.. The bounce messge says a mixture of local and Internet names:;
Generating server: machine.localdoamin
user@domain.com
#554 5.4.4 SMTPSEND.DNS.NonExistentDo
Original message headers:
Received: from machine.localdoamin (192.168.1.5) by
machine.localdoamin (192.168.1.5) with Microsoft SMTP Server (TLS) id
15.0.516.32; Fri, 7 Jun 2013 13:42:00 -0500
Received: from psmtp.com (64.18.1.46) by mail.domain.com (192.168.1.5) with
Microsoft SMTP Server (TLS) id 15.0.516.32 via Frontend Transport; Fri, 7 Jun
2013 13:41:42 -0500
Received: from mail-lb0-f173.google.com ([209.85.217.173]) (using TLSv1) by
exprod6mx196.postini.com ([64.18.5.10]) with SMTP; Fri, 07 Jun 2013 11:41:41
PDT
Received: by mail-lb0-f173.google.com with SMTP id t10so4535583lbi.4
On a related note: OWA Mobile login as user@localdomain works, user@domain.com (their email address) does not.
Mail from the Internet is fed through Postini and then on to us. Some gets queued for delivery but never shows up. Others bounce with:
Message or connection acked with status Fail and response 554 5.4.4 SMTPSEND.DNS.NonExistentDo
The probem sems to that PART of the box (all in one insatll) knows it is both machine.localdomain and mail.publicdomain.com and part (hub?) does not. So it gets mail for user@domain.com and says "i am machine.localdomain I can;t do anything with that mail" If it does get queued it never gets delivered (I assume for the same reason). Mail sent from a phone via SMTP works (auth required) but mail from Postini does not.. The bounce messge says a mixture of local and Internet names:;
Generating server: machine.localdoamin
user@domain.com
#554 5.4.4 SMTPSEND.DNS.NonExistentDo
Original message headers:
Received: from machine.localdoamin (192.168.1.5) by
machine.localdoamin (192.168.1.5) with Microsoft SMTP Server (TLS) id
15.0.516.32; Fri, 7 Jun 2013 13:42:00 -0500
Received: from psmtp.com (64.18.1.46) by mail.domain.com (192.168.1.5) with
Microsoft SMTP Server (TLS) id 15.0.516.32 via Frontend Transport; Fri, 7 Jun
2013 13:41:42 -0500
Received: from mail-lb0-f173.google.com ([209.85.217.173]) (using TLSv1) by
exprod6mx196.postini.com ([64.18.5.10]) with SMTP; Fri, 07 Jun 2013 11:41:41
PDT
Received: by mail-lb0-f173.google.com with SMTP id t10so4535583lbi.4
On a related note: OWA Mobile login as user@localdomain works, user@domain.com (their email address) does not.
ASKER
It is a DNS issue. The box passes mail internally using SMTP as well as externally. I have the FQDN of the external parts set to mail.domain.com. Intenrla is set to machine.localdomain and you can't change the FQDN if exchange auth tyoe is on. Mail.domain.com can be resolved by any DNS server, but machine.localldomain can only be resolved by our PDC and SDC. So depending on how I set up the DNS server list and whcih one it picks it doen't know who machine.localdomain is and how to connect to it to pick up or handoff mail - even though this all runs on a single box and single IP.
Fow now, running our PDCas the DNS and / or a hosts entry for nachine.localdomain seems to have (kludge) fixied it
If I don't need exchage auth, then I can change the FQDN of all the parts and fix it the right way??????
Fow now, running our PDCas the DNS and / or a hosts entry for nachine.localdomain seems to have (kludge) fixied it
If I don't need exchage auth, then I can change the FQDN of all the parts and fix it the right way??????
The first thing you should do is check that the FQDN on the SMTP virtual server on Exchange 2003 is set to the server's REAL name, or is set to an FQDN that resolves internally. If not then you need to correct it. That can cause email delivery issues.
If you turn off Exchange Authenticaiton then you will have problems completing the migration, so this is not something that you should do.
Simon.
If you turn off Exchange Authenticaiton then you will have problems completing the migration, so this is not something that you should do.
Simon.
ASKER
there is no connection btween the 2003 and 2013 servers. they are on different domains i manually added the users moved the data via PST export ; import.
If I have a single 2013 box is there a reason to leave exchange auth on? Is it used in 2013 for the hub to talk to the front end?
If I have a single 2013 box is there a reason to leave exchange auth on? Is it used in 2013 for the hub to talk to the front end?
Don't touch the authentication settings, they are not the source of the problem.
The only thing that you have to do with authentication to be able to accept email is enable Anonymous on the Receive Connector of the machine accepting email from the internet - nothing else. No other settings should be touched.
The references to the internal domain are perectly normal because Exchange is transferring the email internally using the internal name.
I would check your DNS configuration. You should have INTERNAL only DNS servers everywhere, no external DNS settings. If you have set external DNS on any connectors, remove them.
Simon.
The only thing that you have to do with authentication to be able to accept email is enable Anonymous on the Receive Connector of the machine accepting email from the internet - nothing else. No other settings should be touched.
The references to the internal domain are perectly normal because Exchange is transferring the email internally using the internal name.
I would check your DNS configuration. You should have INTERNAL only DNS servers everywhere, no external DNS settings. If you have set external DNS on any connectors, remove them.
Simon.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If you want to use the email address then you must match it with the UPN on the user account. They will be same, but completely unrelated.
Does Postini deliver anywhere else? Do you have multiple hosts in the system?
Any patterns? Same users all the time, same senders?
Simon.