unable to send E-mails to specific domains with Exchange Server 2010
Hi guys! Here I am again with another issue.... I don't figure out one when another comes up! I have four users complaining that they can't send E-mails with outlook to a specific domains.... they all saying that they can't send to E-mail addresses with
aol.com. I have Exchange 2010 installed..... everything is good when sending E-mails anywhere else. The users get this message back (BELOW). I checked the Queue Viewer and I see all E-mails there.... I need some help on this!! My first idea is that the problem
is with AOL.com.... But I'm not sure!! PLEASE HELP ME OUT!!
Delivery is delayed to these recipients or groups:
*******@aol.com
Subject: HI!
This message hasn't been delivered yet. Delivery will continue to be attempted.
The server will keep trying to deliver this message for the next 1 days, 19 hours and 55 minutes. You'll be notified if the message can't be delivered by that time.
May 2nd, 2012 9:06am
What is the last error for aol.com that is shown in the queue viewer? That is the first clue as to why the transfer failed.
Free Windows Admin Tool Kit Click here and download it now
May 2nd, 2012 10:34am
Russ, thanks for the response.... this is the last error
421 4.2.1 MSG=: (DNS:NR) http://postmaster.info.aol.com/errors/421dnsnr.html
May 2nd, 2012 10:50am
It looks like this has been an issue in the past for people, have you seen this?
421 DNS:NR
The Reverse DNS lookup for your IP address is failing. This could be a transient issue. Confirm the IP that sends your
mail.
http://postmaster.aol.com/Postmaster.Errors.php
There's some tools available to help test as well.
http://postmaster.aol.com/Postmaster.Troubleshooting.php
Hope that helps....
Also in the future if interested you may want to take a look at a product we offer that will constantly test mail flow and alert if there is an issue (GSX Monitor), check the link, http://bit.ly/Kf5Lon
Free Windows Admin Tool Kit Click here and download it now
May 2nd, 2012 10:58am
From the error message, it looks like you have a reverse DNS issue, either your sending IP is resolving to another name or is not resolving at all. Use AOLs reverse lookup tool with your IP Address to see what it gives you.
http://postmaster.aol.com/cgi-bin/plugh/rdns.pl
May 2nd, 2012 11:11am
Thanks guys! Well, I have the exchange server which bluehost points to...... to be able to use the domain elhogardelnino.org and be able to send or receive emails on exchange..... bluehost created a MX file or DNS record to be able to access emails externally....
this DNS record points to a 12.188.100.74.... the IP address of my server is different. Also, the Ip address of the domain elhogardelnino.org is a different one! I do a nslook up and I get this....
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\Administrator>nslookup
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa
primary name server = blackhole.iana.org
responsible mail addr = crain.icann.org
serial = 19971502
refresh = 10800 (3 hours)
retry = 900 (15 mins)
expire = 604800 (7 days)
default TTL = 86400 (1 day)
Default Server: UnKnown
Address: ::1
>
Free Windows Admin Tool Kit Click here and download it now
May 2nd, 2012 11:47am
The IP address of your server may be irrelevant in this case, is it a private IP? (10.x.x.x, 172.16-30.x.x, or 192.168.x.x).
Here are my findings.
> set type=mx
> elhogardelnino.org
Server:
Address:
Non-authoritative answer:
elhogardelnino.org MX preference = 0, mail exchanger = correo.elhogardelnin
o.org
elhogardelnino.org nameserver = ns2.bluehost.com
elhogardelnino.org nameserver = ns1.bluehost.com
correo.elhogardelnino.org internet address = 12.188.100.74
ns1.bluehost.com internet address = 74.220.195.31
ns2.bluehost.com internet address = 69.89.16.4
> set type=a
> correo.elhogardelnino.org
Server:
Address:
Non-authoritative answer:
Name: correo.elhogardelnino.org
Address: 12.188.100.74
> set type=ptr
> 12.188.100.74
Server:
Address:
*** xxxxxxxxxxxxxxxxx can't find 74.100.188.12.in-addr.arpa.: Server failed
So, as you can see, your MX record points to correo.elhogardelnino.org (12.188.100.74), but in the last test for a PTR record, none exist for the IP address 12.188.100.74. If you are sending from a different IP address, then your SendConnector FQDN
has to match what you have in DNS because most SMTP servers attempt some kind of identity verification and if what you are sending in your HELO either does not exist or does not match in DNS, they will drop your connection.
May 2nd, 2012 11:59am
The server IP address is 192.168.***.*** So, what you saying is the I have to check the send connector in exchange to see if it matches the correo.elhogardelnino.org or elhogardelnino.org? Here are some pictures of how I have the send connector....
Free Windows Admin Tool Kit Click here and download it now
May 2nd, 2012 12:34pm
The IP range you have given is in the private address space which means it is translated somewhere on the outbound path. If it is translated to the IP address of correo.elhogardelnino.org, then you need a reverse DNS record (PTR) for that IP to name
match. Your send connector is correct if my above statement is correct about the translated address.
May 2nd, 2012 1:57pm
I'm sorry about my ignorance but How can I create a PTR record or avoid this problem? Do I create one on my server or in my hostspace which is bluehost.com where the MX record is set up as well? Or where should I create the PTR record and how? I'm sorry
it is just that this part is new for me....
Free Windows Admin Tool Kit Click here and download it now
May 3rd, 2012 2:01pm
You need whomever hosts your external DNS to set that up for you or do it in your account on their site. Here is a article from their site,
https://my.bluehost.com/cgi/help/559, but you may want to give them a call to help you through this. I just did a reverse lookup via mxtoolbox.com and your reverse record resolves to
74.100.188.12.in-addr.arpa which is why your AOL email is failing, this is not acceptable for a reverse lookup with AOL.
May 3rd, 2012 3:07pm
I called bluehost and they don't support PRT records.... Because I have a MX record on their site they said they don't manage emails
if they point the MX to my exchange server.. So, probably I
have to set up the PRT on the server.... I'm not sure! The Mx record that I have on bluehost has IP address 12.188.100.74.......
Do you think the .arpa record you are getting needs to have this same address? if so, How can I change it? or do I have to set up a PRT on my server? Once again I'm sorry but this is new for me...
Free Windows Admin Tool Kit Click here and download it now
May 4th, 2012 10:30am
Well, the article I sent you specifically states :
We do have TXT entries and PTR entries to help with SPF records when
sending email. This shows the email was legitimately sent from a Bluehost
server, where the domain will be listed if a Reverse DNS Lookup is done.
PTR is a DNS record, a since you do not host your own external (internet) DNS, there is nothing you can do from your side. One possibility is to contact your ISP to see if they will put a PTR record in their DNS for you (it appeared that you were using
AT&T as your ISP).
May 4th, 2012 10:37am