RE: can't send to yahoo.com
- From: "Lara, Greg" <GLara@xxxxxxx>
- To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
- Date: Wed, 11 Aug 2004 16:27:59 -0400
Al, I'm not suggesting the RFC says MUST in referring to this technique, but
perhaps you inferred that when I used the phrase 'adherence to the RFCs,'
which is understandable. And as I said, we found out pretty quickly that
this isn't a reliable method of identifying spam, so we gave it up.
I may have been mixing my mail server configuration issues, so let me
clarify my statements about Exchange misconfigurations. Our SMTP relays
generate reject warnings when the hostname sent in the helo statement isn't
"valid". Take the following log entry (it will be wrapped, but it's one
line):
Aug 11 19:05:18 relay postfix/smtpd[64170]: 955B2259A86: reject_warning:
RCPT from mail.houstonjewish.org[68.88.10.185]: 550 <sbserver.JFED.local>:
Helo command rejected: Invalid Hostname; from=<xxxx@xxxxxxxxxxxxxxxxx>
to=<xxxxx@xxxxxxx> proto=ESMTP helo=<sbserver.JFED.local>
Their DNS states that their mail server is mail.houstonjewish.org, but when
the server connects to another relay, it greets it with sbserver.JFED.local.
From RFC 821:
"HELLO (HELO)
This command is used to identify the sender-SMTP to the
receiver-SMTP. The argument field contains the host name of
the sender-SMTP."
Would you say that the above SMTP transaction to complies with this RFC?
Given that the mail and external domains are houstonjewish.org, I'd say no.
So I'd say that this Exchange server isn't configured correctly. I see a lot
of these.
Greg Lara
IT Department
Anti-Defamation League
823 UN Plaza
New York, NY 10017
(212) 885-7764 (voice) (212) 885-5807 (fax)
glara@xxxxxxx
Use the ADL Helpdesks:
IT:
http://www.webhelpdesk.com/cgi-bin/WebObjects/HostedHelpdesk.woa/wa?id=25
Development:
http://www.webhelpdesk.com/cgi-bin/WebObjects/HostedHelpdesk.woa/wa?id=49
----------------------------------------------------------------------------
---------------------------
This e-mail message may contain privileged, confidential and/or proprietary
information intended only for the person(s) named. If you are not the
intended recipient, please destroy this message, and any attachments, and
notify the sender by return e-mail. If you are not the intended
recipient(s), or the employee or agent responsible for delivering the
message to the intended recipient(s), you are hereby notified that any
dissemination, disclosure or copying of this communication is strictly
prohibited.
----------------------------------------------------------------------------
---------------------------
-----Original Message-----
From: Mulnick, Al [mailto:Al.Mulnick@xxxxxxxxxx]
Sent: Wednesday, August 11, 2004 3:19 PM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com
http://www.MSExchange.org/
No, realistically you need to look closer at the reason the message wasn't
delivered or was delayed. The reporting MTA is the important field for this
at the moment as is the NDR code if there is one; can you post those?
Note that delays are not uncommon, especially when viruses are mucking
around on the internet. Non-delivery on the other hand would be something
to be concerned about. AOHELL for example seems to be causing some issues
lately with their implementation of SPF records although they say they have
not implemented them yet. Possibly some other system that's not happy to
get mail for all I know. Not sure how that fits into Greg's world though,
since SPF is only an RFC draft from what I've heard
(http://spf.pobox.com/spf-draft-200406.txt).
Greg, how about showing me the RFC that discusses the MUST use reverse DNS
PTR RR's?? I'm having trouble finding an RFC that says I MUST use them.
You may be referring to rfc2505, but last I checked it said, "9) SHOULD be
able to verify "MAIL From:" domain (using DNS or other means)." vs. MUST
indicating that not everyone can or should use this method to identify spam
or UCE.
That's a far cry from the blanket statement you made or your survey of
Exchange admins vs. other mailer admins. Can you show me the RFC? I'm
interested since I've apparently missed that in my RFC reading and I hate to
miss something like that.
-Al
-----Original Message-----
From: luke levis [mailto:luke.levis@xxxxxxxxxx]
Sent: Wednesday, August 11, 2004 3:02 PM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com
http://www.MSExchange.org/
so the MX record matches the FQDN, and still no go do I need to stop and
restart services.... once Greg pointed me to the MX record thing my FQDN was
the servername.smginc.com not the same as the MX record so I added a record
in our internal DNS and changed the FQDN to match the MX record and clicked
the "Check DNS" button and it said it's valid, but still can't send to
certain ISP's
-----Original Message-----
From: Lara, Greg [mailto:GLara@xxxxxxx]
Sent: Wednesday, August 11, 2004 2:18 PM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com
http://www.MSExchange.org/
You wouldn't. That error indicates that the message was received, but not
yet delivered to the recipient. It's quite possibly an internal problem that
yahoo or the recipient is having, and has nothing to do with your
configuration.
Greg Lara
----------------------------------------------------------------------------
---------------------------
This e-mail message may contain privileged, confidential and/or proprietary
information intended only for the person(s) named. If you are not the
intended recipient, please destroy this message, and any attachments, and
notify the sender by return e-mail. If you are not the intended
recipient(s), or the employee or agent responsible for delivering the
message to the intended recipient(s), you are hereby notified that any
dissemination, disclosure or copying of this communication is strictly
prohibited.
----------------------------------------------------------------------------
---------------------------
-----Original Message-----
From: luke levis [mailto:luke.levis@xxxxxxxxxx]
Sent: Wednesday, August 11, 2004 2:12 PM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com
http://www.MSExchange.org/
it says 220 YSmtp mta399.mail.scd.yahoo.com ESMTP service ready
and I don't see anything in the queue waiting to go to yahoo.com
-----Original Message-----
From: Mark Fugatt [mailto:mark@xxxxxxxxx]
Sent: Wednesday, August 11, 2004 2:06 PM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com
http://www.MSExchange.org/
Ahh, so the message has not failed, its been delayed, if you look at your
SMTP queues do you see a lot of mail sitting in the queues, if you goto your
Exchange server and open a command prompt and type:
TELNET mx1.mail.yahoo.com 25
What happens?
Mark Fugatt
MCSE, MCT, Microsoft Exchange MVP
Pentech Office Solutions Inc
Rochester, NY
Tel: 585 586 3890
Cell: 585 576 4750
http://www.4mcts.com
http://www.exchangetrainer.com
-----Original Message-----
From: luke levis [mailto:luke.levis@xxxxxxxxxx]
Sent: Wednesday, August 11, 2004 2:00 PM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com
http://www.MSExchange.org/
my FQDN is the same as my MX record.. we use sprint as our ISP should I give
them a call.. or will they tell me to go pound sand.. also one of our
(ab)users told me he can't email aol.com, and hp.com, and I get these back
This is an automatically generated Delivery Status Notification.
THIS IS A WARNING MESSAGE ONLY.
YOU DO NOT NEED TO RESEND YOUR MESSAGE.
Delivery to the following recipients has been delayed.
psupeb@xxxxxxxxx
burghfansc@xxxxxxxxx
-----Original Message-----
From: Lara, Greg [mailto:GLara@xxxxxxx]
Sent: Wednesday, August 11, 2004 1:08 PM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com
http://www.MSExchange.org/
I have to say that we have seen this problem with many exchange sites. A lot
of admins (damn newbies) don't know to set their SMTP FQDN to the same as
their MX record in DNS, which is cause for an increasing number of ISPs to
reject mail, and for good reason.
Greg Lara
----------------------------------------------------------------------------
---------------------------
This e-mail message may contain privileged, confidential and/or proprietary
information intended only for the person(s) named. If you are not the
intended recipient, please destroy this message, and any attachments, and
notify the sender by return e-mail. If you are not the intended
recipient(s), or the employee or agent responsible for delivering the
message to the intended recipient(s), you are hereby notified that any
dissemination, disclosure or copying of this communication is strictly
prohibited.
----------------------------------------------------------------------------
---------------------------
-----Original Message-----
From: Rich Tibbets [mailto:rtibbets@xxxxxxxxxxxxxxxx]
Sent: Wednesday, August 11, 2004 12:50 PM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com
http://www.MSExchange.org/
Could you send the NDR, I just had a problem with my users not being able to
send to AOL users. It turned out to be DNS issue reverse DNS lookup issue.
Once my ISP corrected this we could send to our AOL
clients again.
Rich Tibbets
-----Original Message-----
From: Lara, Greg [mailto:GLara@xxxxxxx]
Sent: Wednesday, August 11, 2004 11:55 AM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com
http://www.MSExchange.org/
Luke, is the NDR coming from your exchange server or from yahoo?
Greg Lara
-----Original Message-----
From: luke levis [mailto:luke.levis@xxxxxxxxxx]
Sent: Wednesday, August 11, 2004 11:47 AM
To: [ExchangeList]
Subject: [exchangelist] can't send to yahoo.com
http://www.MSExchange.org/
we recently upgraded our network to active directory and are running windows
2003 server with Exchange server 2003 and for some reason now everytime
someone tries to send to and addres @yahoo.com they get and NDR, and in our
previous environment we had no restrictions on who you could send it to..
and I am about 2 weeks into using E2k3 so I might as well have a blind fold
on..
any help is appreciated
Luke
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
luke.levis@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
mark@xxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
luke.levis@xxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
glara@xxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
luke.levis@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
al.mulnick@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
glara@xxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx
Other related posts:
