Solved

NDR only happens for two particular domains. Error 451 4.4.0 DNS query failed. Error 421 4.2.1

Posted on 2013-11-13
6
1,024 Views
Last Modified: 2013-11-20
Hello,
We have issue with NDR for two particular domains. All other domains have no issues:
Error 451 4.4.0 DNS query failed
Error 421 4.2.1

I followed the following two articles to change the setting to use External DNS lookups but it didn’t help…
http://www.networkadminsecrets.com/2010/04/421-and-451-exchange-2007-errors.html
http://www.noelpulis.com/fix-exhcange-2010-error-451-440-error-dns-query-failed/

THank you.
0
Comment
Question by:claudiamcse
6 Comments
 
LVL 77

Expert Comment

by:arnold
ID: 39646886
The error deals with an inability to resolve a domain.
Use betterwhis.com to lookup the domain's record to make sure its registration has not lapsed.

The information also includes the servers responsible for the domain
nslookup -q=NS domainname.com. <nameserver responsible for the domain>
If you get an error I.e. Data returned points to root servers or get no such domain, the issue is with the hosting name servers.

There is nothing you can do to solve it.  The domain owner has to address/resolve the issue.
0
 

Author Comment

by:claudiamcse
ID: 39646912
But the users could send before to that domain two weeks before we implemented 2010 server.....so, the domain was good. Also, we have the same error for few domains. Please see the screenshoterror

Also I noticed this in the Exchange Send SMTP log:
69.43.161.123:25,*,,"Failed to connect. Error Code: 10061, Error Message: No connection could be made because the target machine actively refused it 69.43.161.1234:25"
      Note: I changed the real IP for privacy reasons, but just wanted to say that external IP of the 2010 is different than the IP mentioned in the Send connector log…..Not sure why it is showing different IP in the Send connector log than the IP should be

Please advice

Than you so much.

Also the message never leaves Exchange 2010 server.... it goes from 2003 and to 2010....
Is there a work around for this? As I said, the mentioned above links that I posted didn't work
0
 
LVL 77

Accepted Solution

by:
arnold earned 500 total points
ID: 39646932
Check whether your 2010 configuration enabled anti-virus/spam mechanisms.

Are the domains with which you are having issues your own? Double check your internal DNS or the DNS on which the 2010 relies.

The difficulty to diagnose the issue, one has to know info.

Try mxtoolbox.com
Lookup the domain.
Then try the smtp test.
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 4

Expert Comment

by:FutureTechSysDOTcom
ID: 39646945
Agreed with Arnold especially MXToolbox.  

On the screenshot you posted, 6th line down where it gives "Error 554 Spam Email" - if I am reading that correctly, it is rejecting YOUR email as junk, which means there is something it doesn't like about it.  

I'd check those two domains as well as your own with mxtoolbox.  If you see yellow or red, fix it :)
0
 
LVL 15

Expert Comment

by:Skyler Kincaid
ID: 39647013
Another quick check is you can try to ping those domains just to see if the server is able to resolve the request to an IP or not.
0
 

Author Closing Comment

by:claudiamcse
ID: 39663832
Thank you
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

947 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now