Solved

Reverse DNS Exchange 2010

Posted on 2014-11-07
10
18 Views
Last Modified: 2015-10-27
I have an Exchange server 2010 with multiple domains.  The problem I have is some emails that go out would fail to a relay error.  I have my ISP setup a reverse dns but even with that it still fails to some selected emails that end users send.  

I tried to change my FQDN value i get a AuthMechinism on receiver connector error.  Can I have multilple FQDN so when other email server check my SMTP banner it replies correctly?  How is this all setup?

Thanks,
0
Comment
Question by:Bulls-Eye
  • 5
  • 4
10 Comments
 
LVL 16

Expert Comment

by:Shaik M. Sajid
Comment Utility
it's happening only with selected users ?... did u check from those selected users domain are u able to receive the email from other users ?


did u check at mxtoolbox.com

what is the result it's giving ?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
On Exchange 2010, the only FQDN that matters is the one on the SEND connector. Ignore the one on the receive connector, as that plays no part in the delivery of your email. You would only "fix" it to pass the test at mxtoolbox and the like, but it wouldn't make any difference.

The FQDN on the Send connector needs to resolve to your Exchange server and match the PTR on the IP address.

If emails are failing for users, what does the NDR say?

Simon.
0
 

Author Comment

by:Bulls-Eye
Comment Utility
I have multiple domains on my exchange server.  I originally had my ISP setup with all the domain for reverse DNS but I noticed it did a round robin so I switched it to just one primary domain that is important.  So my ISP resolves that one domain.  However, mxtoolbox fails and the response of the server SMTP banner is the domain I originally setup all the servers one.  So I think I need to change that banner but unsure how to do that.  I did try to make that one domain I want that the ISP resovles too as default but that didn't matter and still fails mxtoolbox.  

My challenge is to make every domain pass this reverse lookup.  but at first at least this one domain.

Fred
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
Comment Utility
mxtoolbox will ALWAYS fail and it doesn't matter one bit.

I posted this in 2009:
http://blog.sembee.co.uk/post/Exchange-2007-and-SMTP-Banner-Tests.aspx

And this earlier this year.
http://blog.sembee.co.uk/post/Exchange-200720102013-Outbound-SMTP-Banner-Testing.aspx

The domains that you are accepting emails for does not matter. The only thing that matters is that the PTR is set correctly (just one record), the PTR resolves to the correct IP address on the A record and the correct FQDN is set on the SEND Connector.

Simon.
0
 

Author Comment

by:Bulls-Eye
Comment Utility
I have the PTR record set correctly with my ISP.  Those email server that do reverse lookup still deny my emails.  
when I originally created my exchange server it is in a domain that all the other servers are in.  However, I needed to add an additional domain and have email accounts with that domain.  In active directory I have an OU for that domain and have that domain listed in the domains for my exchange server.   I am not sure why that fails.

Do I need to have a single exchange server for each domain that I need to support and make sure I have static IP assigned to each domain/exchange server?

Fred
0
Want to promote your upcoming event?

Attending an event? Speaking at a conference? Or exhibiting at a tradeshow? Easily inform your contacts by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
There aren't enough IP addresses in the world for every domain to have its own IP address. Therefore no, you don't need a separate Exchange server for every domain.
Did you run through the tests that I outlined in my blog postings above? If your messages are being rejected, what does the NDR say?

Simon.
0
 

Author Comment

by:Bulls-Eye
Comment Utility
I am still having this issue.  these things have not resolved my problem.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
That doesn't really help provide you with a solution.
You have provided no information to assist. The contents of the NDR would be a huge help, but also indicating what you have done would be of some assistance.

Simon.
0
 

Author Comment

by:Bulls-Eye
Comment Utility
I've requested that this question be deleted for the following reason:

didn't answer my problem
0
 

Author Comment

by:Bulls-Eye
Comment Utility
I do have a question.  BTW good article.  
will email get rejected on some email servers due to the inability to change the FQDN receive conector? since some email server verify SMTP banner for domain name to protect from what it may think as a relay?
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
how to add IIS SMTP to handle application/Scanner relays into office 365.
This video discusses moving either the default database or any database to a new volume.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now