Eye Ess
asked on
Reverse DNS does not match SMTP Banner after changing SSL cert to .com from .local
We successfully updated our SSL cert for exchange 2010 to a FQD.com from the exchange.domain.local
Mail is flowing. and I believe we took all the internal DNS and Exchange updates.
but I am getting the reverse dns does not match error when looking us up on mxtoobox.com
Not sure why
Mail is flowing. and I believe we took all the internal DNS and Exchange updates.
but I am getting the reverse dns does not match error when looking us up on mxtoobox.com
Not sure why
ASKER
the external address has always been. mail.domain.com
the internal was exchange.local
not sure what the isp should be updating
the internal was exchange.local
not sure what the isp should be updating
What ehlo/helo response do you get from a telnet session to your Exchange server? For Windows Vista and above you *need* to ensure that you have the 'Telnet Client' feature installed.Once this installed then you would do the following:
-saige-
1. Open an administrative command prompt.
2. Type in [b]telnet[/b] and press enter.
3. Type [b]open <exchange server address> 25[/b] and press enter.
4. Type [b]ehlo[/b] or [b]helo[/b] and press enter.
Hello response should match what is reported by your external ip address (which in turn should also match the ssl certificate).-saige-
ASKER
ehlo produces the exchang.local address.
not the mail.com which is the ssl
not the mail.com which is the ssl
Not a problem. You can update your SMTP banner by doing the following:
Open a powershell console on the Exchange server:
-saige-
Open a powershell console on the Exchange server:
Set-ReceiveConnector "Default Frontend server" -Banner "220 mail.contoso.com"
Where mail.contoso.com is the A record that you have registered externally for your mail server; e.g. exchange.domain.com.-saige-
ASKER
ok that is giving me an error stating exchange.local could not be found on our DC??
What is the exact error message? Could you possibly post a snippet or screen cap (make sure to remove any sensitive information)?
-saige-
-saige-
ASKER
Sure thing and thanks
the operation couldn't be performed because the object "exchange.domain.local \default frontend server couldn't be found on dc.domain.loccal
the operation couldn't be performed because the object "exchange.domain.local \default frontend server couldn't be found on dc.domain.loccal
I think I see the error, use the Get-ReceiveConnector command in order to display all of your receive connectors. Then try using the Set-ReceiveConnector command with the Identity as presented by the Get-ReceiveConnector command.
You will recognize the connector you need to modify by looking at the Bindings column and identifying the connector(s) using port 25; e.g. --saige-
You will recognize the connector you need to modify by looking at the Bindings column and identifying the connector(s) using port 25; e.g. --saige-
ASKER
get-receiveconnector gives me
exchange\default (25)
I then run
set-recevieconnector "exchange" -banner "220 mail.domain.com"
and I still get the object exchange.domain.local\exch ange cannot be found on dc.domain.local
categoryinfo :Not specified (0:int32)
exchange\default (25)
I then run
set-recevieconnector "exchange" -banner "220 mail.domain.com"
and I still get the object exchange.domain.local\exch
categoryinfo :Not specified (0:int32)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Its not the commands. I am still getting cannot be found on DC... but dns and AD shows exchange.local
I can ping it from the dc
I can ping it from the dc
ASKER
fullyqualifiederroid: a34f1af1
ASKER
going over the telnet commands.. I can
telnet with mail.domain.com
when I do an ehlo if gives me
exchange.domain.local
telnet with mail.domain.com
when I do an ehlo if gives me
exchange.domain.local
ASKER
Finally got this to work.
Glad you got it resolved. What did the hang-up turn out to be?
-saige-
-saige-
ASKER
added another receiver connector, as we couldn't update the default one.
Most likely that was the error that we were getting..
I appreciate the help. you definitely helped us corner it.
Most likely that was the error that we were getting..
I appreciate the help. you definitely helped us corner it.
-saige-