• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 929
  • Last Modified:

Hotmail problems sending to Exchange 2010

Hello all,

We have a freshly installed Exchange 2010 server (on Server 2012) which coexisted with 2003 for a short time then the 2003 was peacefully removed.
All is going perfectly except we have found that no one @hotmail.com can send directly to our exchange domain, but they are able to reply just once.
The bounceback each time is...

Reporting-MTA: dns;dub0-omc1-s5.dub0.hotmail.com
Received-From-MTA: dns;DUB109-W34
Arrival-Date: Mon, 17 Mar 2014 17:42:20 -0700

Final-Recipient: rfc822;user@domain.com
Action: failed
Status: 5.5.0
Diagnostic-Code: smtp;550-Please turn on SMTP Authentication in your mail client, or login to the
550-IMAP/POP3 server before sending your message.
550-dub0-omc1-s5.dub0.hotmail.com [157.55.0.204]:38950 is not permitted to
550 relay through this server without authentication.

Our domain has valid SPF record, and sends all outbound through McAfee SAAS email security service. Inbound has MX records sending email to McAfee then down to our server.

The receive connector is set to only allow the two McAfee server ranges to send in, I did allow ALL to send but this made no difference.

Logs...
Logs show that 3 of many emails made it into exchange directly from Hotmail IP's, but from there senders still got a bounceback.
Replies show the hotmail email coming in via McAfee IP range.
So it looks like replies follow the MX records, but new emails do not through A records maybe hit the exchange server directly (maybe autodiscover)?

I am at a loss so here I am.

Cheers

Craig
0
Tingathewinga
Asked:
Tingathewinga
  • 2
2 Solutions
 
Brian BIndependant Technology ProfessionalCommented:
It seems like a lot of people out there are having this problem. It has to do with the unique way the Hotmail send messages. Many people seem to ask about this problem, but nobody has confirmed that they found a solution.

One thing that people seem to say is that Hotmail for some reason tries to confirm the domain where it is going. So if your A record and MX are different (which is not uncommon), you get the problem you describe.

http://hotmailfail.blogspot.co.uk/

This blog is not about Exchange, but the solution would be relevant.
0
 
TingathewingaAuthor Commented:
Hi there,

The problem seems to have been slow responding DNS servers, it seems hotmail in their wisdom try the A record after a very short time if the MX answer isn't given.
We solved it by moving the DNS service to another provider.
Testing DNS response times between providers showed that the one in use was very slow compared to others.
Hopefully this helps others in this strange situation.

Cheers

Craig
0
 
TingathewingaAuthor Commented:
TBone2k's comment gave me the connection to the end result.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now