[ExchangeList] Re: SMTP Errors

  • From: "Andrew English" <andrew@xxxxxxxxxxxxxxxxxxxxxx>
  • To: <exchangelist@xxxxxxxxxxxxx>
  • Date: Wed, 17 May 2006 15:28:13 -0400

This information is very interesting as it conflicts with making sure your SMTP 
banner is correct for reverse lookups. 
 
http://support.microsoft.com/?id=843106 
<http://support.microsoft.com/?id=843106> 
 
states:
 
If the ehlo name that is being sent and that is being advertised cannot be 
found in an Exchange organization, the GSSAPI authentication (EXPS) 
capabilities of a receiving server will persist. The ehlo name will be ignored 
as if it never was advertised. Essentially, the sending server will not try to 
authenticate.

Network Monitor traces have shown that the sending server never issues GSSAPI 
authentication and logs the "504 need to authenticate" SMTP protocol error 
after the XEXCH50 verb. To resolve this issue, make sure that you have the 
correct fully qualified domain name (FQDN) in the SMTP virtual server 
properties.

To verify the delivery settings for the SMTP virtual server, follow these 
steps: 
1.       Click Start, point to All Programs, point to Microsoft Exchange, and 
then click System Manager.        
2.       If the Display administrative groups check box is selected, expand 
Administrative Groups, and then expand First Administrative Group.

To display administrative groups, right-click Your_Organization, click 
Properties, click to select the Display administrative groups check box, click 
OK two times, and then restart Exchange System Manager.   
3.       Expand Servers, expand Your_Exchange_Server, expand Protocols, and 
then click SMTP.    
4.       In the right pane, right-click Default SMTP Virtual Server, and then 
click Properties. 
5.       Click the Delivery tab, and then click Advanced.       
6.       Verify that value that is listed in the Fully-qualified domain name 
box is the actual FQDN of the server.      
Note The FQDN value can either be the network basic input/output system 
(NetBIOS) name or the FQDN.

If the name that is listed in the Fully-qualified domain name box has been 
changed to try to spoof the 220 response name or to spoof the names in the RFC 
2821 received headers, the symptoms that are listed in the "Symptoms" section 
are some of the results.
 
---snip---
 
If I add the FQDN to my delivery options on my SMTP (asnmail.autosoldnow.local) 
then most of my emails will not be recieved as a lot of email servers do a 
reverse lookup when sending emails out and will consider our email server as a 
spam box.  
 
So what's the best plan now?
 
Regards,
Andrew

________________________________

From: exchangelist-bounce@xxxxxxxxxxxxx on behalf of ChongJa@xxxxxxxxxxxxxxxx
Sent: Wed 17/05/2006 2:35 PM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: SMTP Errors



Looks like someone was able to resolve following steps in article

 

http://support.microsoft.com/?id=818222

 

http://groups.google.com/group/microsoft.public.windows.server.sbs/browse_thread/thread/512c636641644a7b/3ef1bd5456da23db?lnk=st&q=504+Need+to+authenticate&rnum=3&hl=en#3ef1bd5456da23db

Other related posts: