Solved

NDR only happens for two particular domains. Error 451 4.4.0 DNS query failed. Error 421 4.2.1

Posted on 2013-11-13
6
1,034 Views
Last Modified: 2013-11-20
Hello,
We have issue with NDR for two particular domains. All other domains have no issues:
Error 451 4.4.0 DNS query failed
Error 421 4.2.1

I followed the following two articles to change the setting to use External DNS lookups but it didn’t help…
http://www.networkadminsecrets.com/2010/04/421-and-451-exchange-2007-errors.html
http://www.noelpulis.com/fix-exhcange-2010-error-451-440-error-dns-query-failed/

THank you.
0
Comment
Question by:claudiamcse
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 78

Expert Comment

by:arnold
ID: 39646886
The error deals with an inability to resolve a domain.
Use betterwhis.com to lookup the domain's record to make sure its registration has not lapsed.

The information also includes the servers responsible for the domain
nslookup -q=NS domainname.com. <nameserver responsible for the domain>
If you get an error I.e. Data returned points to root servers or get no such domain, the issue is with the hosting name servers.

There is nothing you can do to solve it.  The domain owner has to address/resolve the issue.
0
 

Author Comment

by:claudiamcse
ID: 39646912
But the users could send before to that domain two weeks before we implemented 2010 server.....so, the domain was good. Also, we have the same error for few domains. Please see the screenshoterror

Also I noticed this in the Exchange Send SMTP log:
69.43.161.123:25,*,,"Failed to connect. Error Code: 10061, Error Message: No connection could be made because the target machine actively refused it 69.43.161.1234:25"
      Note: I changed the real IP for privacy reasons, but just wanted to say that external IP of the 2010 is different than the IP mentioned in the Send connector log…..Not sure why it is showing different IP in the Send connector log than the IP should be

Please advice

Than you so much.

Also the message never leaves Exchange 2010 server.... it goes from 2003 and to 2010....
Is there a work around for this? As I said, the mentioned above links that I posted didn't work
0
 
LVL 78

Accepted Solution

by:
arnold earned 500 total points
ID: 39646932
Check whether your 2010 configuration enabled anti-virus/spam mechanisms.

Are the domains with which you are having issues your own? Double check your internal DNS or the DNS on which the 2010 relies.

The difficulty to diagnose the issue, one has to know info.

Try mxtoolbox.com
Lookup the domain.
Then try the smtp test.
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 4

Expert Comment

by:FutureTechSysDOTcom
ID: 39646945
Agreed with Arnold especially MXToolbox.  

On the screenshot you posted, 6th line down where it gives "Error 554 Spam Email" - if I am reading that correctly, it is rejecting YOUR email as junk, which means there is something it doesn't like about it.  

I'd check those two domains as well as your own with mxtoolbox.  If you see yellow or red, fix it :)
0
 
LVL 15

Expert Comment

by:Skyler Kincaid
ID: 39647013
Another quick check is you can try to ping those domains just to see if the server is able to resolve the request to an IP or not.
0
 

Author Closing Comment

by:claudiamcse
ID: 39663832
Thank you
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question