451 4.1.8 Possibly forged hostname
We have a problem with only one domain when sender send emails to this domain we receive this error
Last Error: 451 4.1.8 Possibly forged hostname for 207.253.1.70
What should i do ?
On http://mxtoolbox.com/ everything is ok (green)
Connecting to 207.253.1.67
220 mail.ville.blainville.qc.c
EHLO MXTB-PWS3.mxtoolbox.com
250-mail.ville.blainville.
250-SIZE 36700160
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-AUTH NTLM
250-8BITMIME
250-BINARYMIME
250 CHUNKING [671 ms]
MAIL FROM: <supertool@mxtoolbox.com>
250 2.1.0 Sender OK [671 ms]
RCPT TO: <test@example.com>
550 5.7.1 Unable to relay [5678 ms]
MXTB-PWS3v2 8268ms
I don't know why it's listing 207.253.1.70 because my exchange server mail.ville.blainville.qc.c
Thanks for helping me
Last Error: 451 4.1.8 Possibly forged hostname for 207.253.1.70
What should i do ?
On http://mxtoolbox.com/ everything is ok (green)
Connecting to 207.253.1.67
220 mail.ville.blainville.qc.c
EHLO MXTB-PWS3.mxtoolbox.com
250-mail.ville.blainville.
250-SIZE 36700160
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-AUTH NTLM
250-8BITMIME
250-BINARYMIME
250 CHUNKING [671 ms]
MAIL FROM: <supertool@mxtoolbox.com>
250 2.1.0 Sender OK [671 ms]
RCPT TO: <test@example.com>
550 5.7.1 Unable to relay [5678 ms]
MXTB-PWS3v2 8268ms
I don't know why it's listing 207.253.1.70 because my exchange server mail.ville.blainville.qc.c
Thanks for helping me
Seth Simmons
is .70 your gateway or some anti-spam appliance?
ASKER
It's my checkpoint firewall with antispam it it
if the mail is going through the firewall (as if exchange is using the firewall as smarthost) then the message would appear as if it was coming from the firewall on .70
if you send a message from there to a gmail address and look at the headers, i'm guessing it shows .70 as received from?
if you send a message from there to a gmail address and look at the headers, i'm guessing it shows .70 as received from?
ASKER
yes
Received: from mail.ville.blainville.qc.c
Received: from mail.ville.blainville.qc.c
It's a little strange setup then though, because incoming mail would go to .67, (that's where the mx points to). So if your exchange smarthost is pointing to .70 that means you're scanning all outgoing messages for spam, but not the incoming ones...
.70 shows vpn?
vpn.ville.blainville.qc.ca
.70 shows vpn?
vpn.ville.blainville.qc.ca
ASKER
It's a checkpoint fw with antispam on it
We are scanning incoming mails arriving to it (check screenshot)
207.253.1.67 is a NAT for our exchange server in our network
207.253.1.70 is our main ip address for the checkpoint firewall
2014-11-03-13-07-38-192.168.100.3---Chec
We are scanning incoming mails arriving to it (check screenshot)
207.253.1.67 is a NAT for our exchange server in our network
207.253.1.70 is our main ip address for the checkpoint firewall
2014-11-03-13-07-38-192.168.100.3---Chec
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks i had two object in my checkpoint fw
One object with a static nat of 207.253.1.67 and one object with not nat.
I deleted the second one and now everything is fine and no more error message. If i checked the headers now i see 207.253.1.67 instead of 207.253.1.70
Thanks you guys
Seth: Do you have a good link to configure SPF record for my exchange 2013 on my domain Windows 2012
Thanks !
One object with a static nat of 207.253.1.67 and one object with not nat.
I deleted the second one and now everything is fine and no more error message. If i checked the headers now i see 207.253.1.67 instead of 207.253.1.70
Thanks you guys
Seth: Do you have a good link to configure SPF record for my exchange 2013 on my domain Windows 2012
Thanks !