Announcement

Collapse
No announcement yet.

Rejected mail by remote SMTP

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Rejected mail by remote SMTP

    Hello,

    I have this problem with an Exchange 2k7 server when sending mail to recipients hosted on bezeqint.net.

    The outgoing header appears as bellow:

    ---
    Return-Path: [email protected]eived: from 0xxxxx7002.xxx.net (LHLO a.mx.xxx.net) (x.x.x.x) by a.mx.xxx.net with LMTP; Mon, 30 Mar 2009 15:19:06 +0300 (EEST)Received: from localhost (localhost [127.0.0.1]) by a.mx.xxx.net (Postfix) with ESMTP id 707C51CC592 for <[email protected]>; Mon, 30 Mar 2009 15:19:06 +0300 (EEST)X-Virus-Scanned: amavisd-new at xxx.netX-Spam-Flag: NOX-Spam-Score: -2.492X-Spam-Level: X-Spam-Status: No, score=-2.492 tagged_above=-10 required=6.6 tests=[AWL=0.106, BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_HTML_MOSTLY=0.001, SPF_PASS=-0.001]Received: from a.mx.xxx.net ([127.0.0.1]) by localhost (a.mx.xxx.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CRSVlmhPHbuS for <[email protected]>; Mon, 30 Mar 2009 15:19:02 +0300 (EEST)Received: from a.mx.yyy.net (a.mx.yyy.net [x.x.x.x]) by a.mx.xxx.net (Postfix) with ESMTP id 296291CC412 for <[email protected]>; Mon, 30 Mar 2009 15:19:02 +0300 (EEST)Received: from heimdal.yyy.lan ([192.168.0.1]) by heimdal.yyy.lan ([192.168.0.1]) with mapi; Mon, 30 Mar 2009 15:16:34 +0300From: ME [email protected]To: "[email protected]" <[email protected]>Date: Mon, 30 Mar 2009 15:18:58 +0300Subject: testThread-Topic: testThread-Index: AcmxMbOfeQGhDFXZTym/daHGYiS1HQ==Message-ID: [email protected] .yyy.lan

    ---

    The error message is "#501 Sender domain must exist ##".

    The "yyy" external IP resolves corectly on both A and PTR records as well as this message returns only from bezeqint.net.

    Which makes me think that bezeqint.net inspects the last "Received:" header as bellow:

    ---
    Received: from a.mx.yyy.net (a.mx.yyy.net [x.x.x.x]) by a.mx.xxx.net (Postfix) with ESMTP id 296291CC412 for <[email protected]>; Mon, 30 Mar 2009 15:19:02 +0300 (EEST)Received: from heimdal.yyy.lan ([192.168.0.1]) by heimdal.yyy.lan ([192.168.0.1]) with mapi; Mon, 30 Mar 2009 15:16:34 +0300

    ---

    My question is: Is there a way to restrict the Exchange server from sending MAPI headers to domains not in the Organization?
    And if so, how?

    Regards,
    Mihai

  • #2
    Re: Rejected mail by remote SMTP

    Do you have MX records for that domain?
    The fact that you have an internal domain in the headers is NOT the source of the problem. All the remote site is looking at is the server delivering the email and the from line. Nothing else. Many sites will have multiple internal servers that the message goes through.

    Simon.
    --
    Simon Butler
    Exchange MVP

    Blog: http://blog.sembee.co.uk/
    More Exchange Content: http://exchange.sembee.info/
    Exchange Resources List: http://exbpa.com/
    In the UK? Hire me: http://www.sembee.co.uk/

    Sembee is a registered trademark, used here with permission.

    Comment


    • #3
      Re: Rejected mail by remote SMTP

      Yes we do...

      yyy.net. 3600 IN SOA a.ns.yyy.net. hostmaster.yyy.net. 10507 7200 3600 604800 3600
      yyy.net. 3600 IN NS a.ns.yyy.net.
      yyy.net. 3600 IN NS b.ns.yyy.net.
      yyy.net. 3600 IN MX 10 a.mx.yyy.net.
      yyy.net. 3600 IN TXT "v=spf1 a mx ptr mx:a.mx.yyy.net ~all"

      Mihai

      Comment


      • #4
        Re: Rejected mail by remote SMTP

        I was getting your same error. A lot of e-mail servers have started rejecting emails if you have a generic pointer record.

        For example when somone dose a NSLOOKUP of your ipaddress it will return some junk instead of your domain name. you usally have to get this resolved via your ISP. Thell them you want your ipaddress to resolve to your companys website domain name.

        Comment


        • #5
          Re: Rejected mail by remote SMTP

          I don't really thing this would be the cause of it.

          Just happened for me to see that not all mail is being rejected by bezeqing's SMTP proxies. All their proxies accepts mail for delivery, except proxy mr2 and mr5.

          This makes me think those SMTP proxies inspects the message header and take into consideration the last "Received:" header as I stated earlier.

          Since the first post, I did run a lot of tests using other MTAs and none of them rejected mail for delivery.


          Mihai

          Comment


          • #6
            Re: Rejected mail by remote SMTP

            We had the same issue and I just resolved it and I wanted to share the knowledge.
            I installed a new Exchange rollup that had to do with Spam filtering however weeks prior to that a few people were complaining about how their emails were getting bounced and the message recieved was the same as in your post.
            #501 5.7.1 <[email protected].com>... Sender domain must exist ##

            After looking for, what seemed like hours, online to figure it out it hit me.
            5.7.1 was a relay issue and 501 was an unknown user - and reviewing the error further "Sender domain must exist##" made me slap myself.

            If you're like us you have a few domains - your pop server / web server and your exchange. I reviewed the logs and found that everyone that was complaining about bounces the email reply to was set to our internal domain and not to the actual address (for example [email protected] - internal vs [email protected] - external).
            This had never been a problem before and this was a way that I would determine who was on the 2007 exchange vs 2003 exchange. I then read more about the new rollup and the spam filter. What it apparently does is validates the sends email prior to delievery. Changing reply to to the external fix it.

            Further, I changed mine back and forth sending to an AOL account and was able to reproduce the error at will.

            Hope it helps.

            Comment


            • #7
              Re: Rejected mail by remote SMTP

              You do not have a PTR record, you should resolve this.

              Also, the DNS data you posted isn't from the NS I was able to find for the domain 'yyy.net'.

              Non-authoritative answer:
              yyy.net internet address = 210.xxx.xx.xxx
              yyy.net nameserver = ns.874.jp
              yyy.net nameserver = ns.yyy.jp
              yyy.net
              primary name server = ns.yyy.jp
              responsible mail addr = root.ns.yyy.jp
              serial = 20060222
              refresh = 3600 (1 hour)
              retry = 1000 (16 mins 40 secs)
              expire = 3600000 (41 days 16 hours)
              default TTL = 3600 (1 hour)
              yyy.net MX preference = 20, mail exchanger = mail.yyy.net
              yyy.net MX preference = 10, mail exchanger = yyy.net
              yyy.net MX preference = 15, mail exchanger = www.yyy.net

              ns.yyy.jp internet address = 210.xxxxx
              ns.874.jp internet address = 61.xxxxx
              yyy.net internet address = 210.xxxxxxxx>

              Also, mail.yyy.net doesn't resolve? Not that this should cause the problem you are seeing.

              This looks to me like a DNS issue. Start with PTR record, if you use the same IP to send as you do receive, then there is no PTR record set up, I've check the 210.xxxx address.

              Shaun

              Comment


              • #8
                Re: Rejected mail by remote SMTP

                shauncroucher - you are obviously a newcomer to forums. yyy.net is obviously a munged header, and is not the genuine domain name.

                Simon.
                --
                Simon Butler
                Exchange MVP

                Blog: http://blog.sembee.co.uk/
                More Exchange Content: http://exchange.sembee.info/
                Exchange Resources List: http://exbpa.com/
                In the UK? Hire me: http://www.sembee.co.uk/

                Sembee is a registered trademark, used here with permission.

                Comment


                • #9
                  Re: Rejected mail by remote SMTP

                  Sembee - I was pretty sure it was a munged header, now I look again you're right, it obviously is!

                  ...and I should know better! Thanks for the kick up the **

                  Shaun

                  Comment


                  • #10
                    Re: Rejected mail by remote SMTP

                    The configuration we have is like this:
                    . 1 pure 2k7 ex no anti-spam/anti-virus installed
                    . 1 fortimail ati-spam/anti-virus installed in transpared mode
                    . 1 BB ent server

                    as stated before, for some reason, only few MX proxies from BZQINT would refuze mail from me event today (not all of them). i have also received reject messages from jesselson.com a few days ago.

                    it really seem strange to me since all of them appear to accept mail from me once every few days, then they just think to reject it.

                    My fortimail does not sign on headers so i guess this should be a connection issue since a few days ago, while connected to a posix server in IL i wanted to do a dig on a domain in RO and my response was a simple "timeout" while other countries would resolve it in a blink of an eye.

                    I guess this would be some sort of a paranoid filtering in between...


                    Mihai

                    Comment

                    Working...
                    X