We have an on-premises Exchange 2010 server running on Windows Server 2008 R2 that recently changed IP address (ISP change). We updated the MX records, and mail flows properly to most domains. However, some domains (most notably Gmail.com) return various delay errors.
Gmail.com returns the error: 451 4.4.0 DNS Query failed
Other servers return the error: 451 4.4.0 Primary Target IP responded with: "421 4.2.1 unable to connect." Attempted failover to alternate host, but did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.
We can work around the issue by creating a custom send connector for the domain, and manually entering the domain's mail servers in the network tab.
As far as we can tell, we are not on any blacklists.
SMTPDiag comes back clean.
Microsoft's Remote Connectivity Analyzer comes back clean.
MXToolbox's SMTP test returns a warning about transaction time, and this error: SMTP Banner Check: Reverse DNS does not match SMTP Banner
The Send Connector and Hub Transport are configured to use external DNS servers (Cloudflare and Google).
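A banner check of the kind reported above compares the host name in the SMTP 220 greeting with the PTR record of the sending IP. The following is an added example, not part of the original post, that runs that comparison together with forward confirmation of the PTR name; the IP address, host names, sample banner and function names are constructed assumptions.

```python
import re

def normalize(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().rstrip(".").lower()

def banner_hostname(banner):
    """Return the host name from the first 220 greeting line."""
    for line in banner.splitlines():
        m = re.match(r"220[ -](\S+)", line)  # "220-" marks a multi-line greeting
        if m:
            return normalize(m.group(1))
    raise ValueError("no 220 greeting line in banner")

def check_sender_identity(ip, banner, ptr_names, a_records):
    """Compare banner, PTR and A data for one sending IP.

    ptr_names: names returned by the PTR lookup for ip
    a_records: dict mapping host name -> list of IPv4 addresses
    """
    host = banner_hostname(banner)
    ptrs = [normalize(p) for p in ptr_names]
    fwd = {normalize(k): v for k, v in a_records.items()}
    return {
        "banner_host": host,
        "has_ptr": bool(ptrs),
        "banner_matches_ptr": host in ptrs,
        # Forward-confirmed reverse DNS: a PTR name must resolve back to the IP
        "ptr_forward_confirmed": any(ip in fwd.get(p, []) for p in ptrs),
        "banner_resolves_to_ip": ip in fwd.get(host, []),
    }

# Constructed sample: a new ISP address that still has the provider's generic PTR
NEW_IP = "203.0.113.25"
BANNER = "220 mail.example.com Microsoft ESMTP MAIL Service ready\r\n"
A_RECORDS = {"mail.example.com": [NEW_IP],
             "static-25.isp.example.net": [NEW_IP]}

before = check_sender_identity(NEW_IP, BANNER, ["static-25.isp.example.net."], A_RECORDS)
after = check_sender_identity(NEW_IP, BANNER, ["MAIL.example.com."], A_RECORDS)

if __name__ == "__main__":
    for label, result in (("generic PTR", before), ("PTR updated", after)):
        print(label, result)
```

With real data, `ptr_names` and `a_records` would be filled from lookups against the same external resolvers the transport server uses.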