Client host rejected: cannot find your hostname Exchange 2010

Hi,

So we started getting some rejected messages now for a couple of places we have been sending to in the past.  I'm hoping to get some help in fixing this and ensuring that everything is configured properly.

My setup.
Exchange 2010
Barracuda Anti-Spam device
1 ISP
I control DNS with ZoneEdit

My domain is mydomain.com
My public ip address is 1.2.3.4
My internal server name is server1.mydomain.local

I need to figure out how to fix this properly once and for all.  I have been messing around with setting a PTR record via zoneedit but it is not working.

Do I need to change anything in the barracuda, exchange, my local DNS, zoneedit?  Everywhere?

I have a PRT record in Zone Edit, 4.3.2.1.in-addr.arpa directed to server1.mydomain.com
My MX points to mail.mydomain.com
Why is the SMTP results showing barracudaAS.mydomain.com as the name?  Is that being read from the Barracuda itself?

Results from MXTOOLBOX

220 barracudaAS.mydomain.com ESMTP (6bc1508cda5c946c14ed1c294d33d62a) [796 ms]
EHLO please-read-policy.mxtoolbox.com
250-barracudaAS.mydomain.com Hello mxtb-pws3.mxtoolbox.com [64.20.227.133], pleased to meet you
250-SIZE 100000000
250-PIPELINING
250-8BITMIME
250 HELP [686 ms]
MAIL FROM: <supertool@mxtoolbox.com>
250 Sender <supertool@mxtoolbox.com> OK [702 ms]
RCPT TO: <test@example.com>
550 No such domain at this location [702 ms]
QUIT

SendSMTPCommand: You hung up on us after we connected. Please whitelist us. (connection lost)

MXTB-PWS3v2 3760ms
Matthew CioffiSenior DBAAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Simon Butler (Sembee)ConsultantCommented:
You are setting the PTR in the wrong place.
The PTR is set by your ISP, not in your own DNS. You need to speak to your ISP to get them to set it for you.

You also need to adjust the FQDN on the Barracuda appliance to match the PTR. In this instance, what is on Exchange doesn't matter as the appliance is doing the connection to the outside world.

Thus...

Get your ISP to set the PTR to match the host name for your MX record.
Adjust the banner/SMTP (I don't know what Barracuda calls it) to match that host name.

Job done.

Simon.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Matthew CioffiSenior DBAAuthor Commented:
Ok so even though I have the ability to add PTR records via zone edit I still need the isp to set the ptr record?
0
Simon Butler (Sembee)ConsultantCommented:
Correct.
If you had a lot of public IPs then you could get them delegated to you and Zone Edit supports that. However most ISPs will not do that so you have to get them to do it for you.

Simon.
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

Matthew CioffiSenior DBAAuthor Commented:
Awaiting the prt record change from ISP.  I will report back once that is done.
0
Matthew CioffiSenior DBAAuthor Commented:
So the record was changed by the ISP, but they misspelled it slightly.

they have en extra letter, I went to zoneedit and made the changes to my MX record, the A record and on the device and internal DNS.

When I use MXTOOLBOX the initial MX lookup is fine, the new name shows.  But when I use the SMTP lookup the old record shows up.

OLD MX here, during the SMTP check.
220 barracudaAS.mydomain.com ESMTP (6bc1508cda5c946c14ed1c294d33d62a)

MX lookup from MXTOOLBOX:
0      barracutaas.mydomain.com      1.2.3.4      2 hrs      Blacklist Check      SMTP Test


What did I miss?
0
Simon Butler (Sembee)ConsultantCommented:
Could simply be replication delays. How long after making the change did you check it?

Simon.
0
Matthew CioffiSenior DBAAuthor Commented:
ISP was 2 days ago and my change was yesterday afternoon.

HOWEVER i noticed finally that the ISP tech mispelled the domain as well as the server name.  I will be calling to get that fixed soon, just noticed that 10 minutes ago.

Still concerned about the 220 barracudaAS.mydomain.com ESMTP (6bc1508cda5c946c14ed1c294d33d62a) not showing the change I made yesterday.  But maybe it needs more time.

Thanks.
0
Simon Butler (Sembee)ConsultantCommented:
A change to the appliance should be effective immediately. The 220 is the banner.

Get the ISP to correct everything back to what it should be.

Simon.
0
Matthew CioffiSenior DBAAuthor Commented:
Ok, so everything looks fine from a MXTOOLBOX lookup and the reverse DNS PTR record seems fine now.  Entering it into searches from multiple places resolves properly.

I still cannot get the email to land in the proper mailbox.  I'm getting delay messages.

I sent a message at 3:40 this morning to try and test it, by 7:40 I got a Delivery is delayed message.  I sent another at 12:00 today and have not seen a bounce or a delay yet.  I have also checked the destination mailbox and the messages are not there.

The PTR record was changed at 9:00 AM yesterday.  I changed everything on my side on Friday evening.

Am I missing something still, or do I need to give it more time?

Thanks.
0
Simon Butler (Sembee)ConsultantCommented:
Sites cache information.
While the change should be live everywhere, the old information may well be cached and you need to wait until the cache flushes. If the change was made on Monday then I would expect it to be functional today.

Simon.
0
Matthew CioffiSenior DBAAuthor Commented:
Hi Simon,

Thank you for all your help.

2 things happened, one was the change was not done as quickly as I would have hoped and it did take longer then expected to propagate.  Second was the fact that the person complaing about the the bounce back originally had a typo in the address and I missed it.  I was using the address he sent me and testing with it.

So on the plus side it forced me to make sure the PTR record was created and everything was created and setup properly.  One the downside I spent WAYYYY to long working on it.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Protocols

From novice to tech pro — start learning today.