Al, I'm not suggesting the RFC says MUST in referring to this technique, but perhaps you inferred that when I used the phrase 'adherence to the RFCs,' which is understandable. And as I said, we found out pretty quickly that this isn't a reliable method of identifying spam, so we gave it up. I may have been mixing my mail server configuration issues, so let me clarify my statements about Exchange misconfigurations. Our SMTP relays generate reject warnings when the hostname sent in the helo statement isn't "valid". Take the following log entry (it will be wrapped, but it's one line): Aug 11 19:05:18 relay postfix/smtpd[64170]: 955B2259A86: reject_warning: RCPT from mail.houstonjewish.org[68.88.10.185]: 550 <sbserver.JFED.local>: Helo command rejected: Invalid Hostname; from=<xxxx@xxxxxxxxxxxxxxxxx> to=<xxxxx@xxxxxxx> proto=ESMTP helo=<sbserver.JFED.local> Their DNS states that their mail server is mail.houstonjewish.org, but when the server connects to another relay, it greets it with sbserver.JFED.local. From RFC 821: "HELLO (HELO) This command is used to identify the sender-SMTP to the receiver-SMTP. The argument field contains the host name of the sender-SMTP." Would you say that the above SMTP transaction to complies with this RFC? Given that the mail and external domains are houstonjewish.org, I'd say no. So I'd say that this Exchange server isn't configured correctly. I see a lot of these. Greg Lara IT Department Anti-Defamation League 823 UN Plaza New York, NY 10017 (212) 885-7764 (voice) (212) 885-5807 (fax) glara@xxxxxxx Use the ADL Helpdesks: IT: http://www.webhelpdesk.com/cgi-bin/WebObjects/HostedHelpdesk.woa/wa?id=25 Development: http://www.webhelpdesk.com/cgi-bin/WebObjects/HostedHelpdesk.woa/wa?id=49 ---------------------------------------------------------------------------- --------------------------- This e-mail message may contain privileged, confidential and/or proprietary information intended only for the person(s) named. If you are not the intended recipient, please destroy this message, and any attachments, and notify the sender by return e-mail. If you are not the intended recipient(s), or the employee or agent responsible for delivering the message to the intended recipient(s), you are hereby notified that any dissemination, disclosure or copying of this communication is strictly prohibited. ---------------------------------------------------------------------------- --------------------------- -----Original Message----- From: Mulnick, Al [mailto:Al.Mulnick@xxxxxxxxxx] Sent: Wednesday, August 11, 2004 3:19 PM To: [ExchangeList] Subject: [exchangelist] RE: can't send to yahoo.com http://www.MSExchange.org/ No, realistically you need to look closer at the reason the message wasn't delivered or was delayed. The reporting MTA is the important field for this at the moment as is the NDR code if there is one; can you post those? Note that delays are not uncommon, especially when viruses are mucking around on the internet. Non-delivery on the other hand would be something to be concerned about. AOHELL for example seems to be causing some issues lately with their implementation of SPF records although they say they have not implemented them yet. Possibly some other system that's not happy to get mail for all I know. Not sure how that fits into Greg's world though, since SPF is only an RFC draft from what I've heard (http://spf.pobox.com/spf-draft-200406.txt). Greg, how about showing me the RFC that discusses the MUST use reverse DNS PTR RR's?? I'm having trouble finding an RFC that says I MUST use them. You may be referring to rfc2505, but last I checked it said, "9) SHOULD be able to verify "MAIL From:" domain (using DNS or other means)." vs. MUST indicating that not everyone can or should use this method to identify spam or UCE. That's a far cry from the blanket statement you made or your survey of Exchange admins vs. other mailer admins. Can you show me the RFC? I'm interested since I've apparently missed that in my RFC reading and I hate to miss something like that. -Al -----Original Message----- From: luke levis [mailto:luke.levis@xxxxxxxxxx] Sent: Wednesday, August 11, 2004 3:02 PM To: [ExchangeList] Subject: [exchangelist] RE: can't send to yahoo.com http://www.MSExchange.org/ so the MX record matches the FQDN, and still no go do I need to stop and restart services.... once Greg pointed me to the MX record thing my FQDN was the servername.smginc.com not the same as the MX record so I added a record in our internal DNS and changed the FQDN to match the MX record and clicked the "Check DNS" button and it said it's valid, but still can't send to certain ISP's -----Original Message----- From: Lara, Greg [mailto:GLara@xxxxxxx] Sent: Wednesday, August 11, 2004 2:18 PM To: [ExchangeList] Subject: [exchangelist] RE: can't send to yahoo.com http://www.MSExchange.org/ You wouldn't. That error indicates that the message was received, but not yet delivered to the recipient. It's quite possibly an internal problem that yahoo or the recipient is having, and has nothing to do with your configuration. Greg Lara ---------------------------------------------------------------------------- --------------------------- This e-mail message may contain privileged, confidential and/or proprietary information intended only for the person(s) named. If you are not the intended recipient, please destroy this message, and any attachments, and notify the sender by return e-mail. If you are not the intended recipient(s), or the employee or agent responsible for delivering the message to the intended recipient(s), you are hereby notified that any dissemination, disclosure or copying of this communication is strictly prohibited. ---------------------------------------------------------------------------- --------------------------- -----Original Message----- From: luke levis [mailto:luke.levis@xxxxxxxxxx] Sent: Wednesday, August 11, 2004 2:12 PM To: [ExchangeList] Subject: [exchangelist] RE: can't send to yahoo.com http://www.MSExchange.org/ it says 220 YSmtp mta399.mail.scd.yahoo.com ESMTP service ready and I don't see anything in the queue waiting to go to yahoo.com -----Original Message----- From: Mark Fugatt [mailto:mark@xxxxxxxxx] Sent: Wednesday, August 11, 2004 2:06 PM To: [ExchangeList] Subject: [exchangelist] RE: can't send to yahoo.com http://www.MSExchange.org/ Ahh, so the message has not failed, its been delayed, if you look at your SMTP queues do you see a lot of mail sitting in the queues, if you goto your Exchange server and open a command prompt and type: TELNET mx1.mail.yahoo.com 25 What happens? Mark Fugatt MCSE, MCT, Microsoft Exchange MVP Pentech Office Solutions Inc Rochester, NY Tel: 585 586 3890 Cell: 585 576 4750 http://www.4mcts.com http://www.exchangetrainer.com -----Original Message----- From: luke levis [mailto:luke.levis@xxxxxxxxxx] Sent: Wednesday, August 11, 2004 2:00 PM To: [ExchangeList] Subject: [exchangelist] RE: can't send to yahoo.com http://www.MSExchange.org/ my FQDN is the same as my MX record.. we use sprint as our ISP should I give them a call.. or will they tell me to go pound sand.. also one of our (ab)users told me he can't email aol.com, and hp.com, and I get these back This is an automatically generated Delivery Status Notification. THIS IS A WARNING MESSAGE ONLY. YOU DO NOT NEED TO RESEND YOUR MESSAGE. Delivery to the following recipients has been delayed. psupeb@xxxxxxxxx burghfansc@xxxxxxxxx -----Original Message----- From: Lara, Greg [mailto:GLara@xxxxxxx] Sent: Wednesday, August 11, 2004 1:08 PM To: [ExchangeList] Subject: [exchangelist] RE: can't send to yahoo.com http://www.MSExchange.org/ I have to say that we have seen this problem with many exchange sites. A lot of admins (damn newbies) don't know to set their SMTP FQDN to the same as their MX record in DNS, which is cause for an increasing number of ISPs to reject mail, and for good reason. Greg Lara ---------------------------------------------------------------------------- --------------------------- This e-mail message may contain privileged, confidential and/or proprietary information intended only for the person(s) named. If you are not the intended recipient, please destroy this message, and any attachments, and notify the sender by return e-mail. If you are not the intended recipient(s), or the employee or agent responsible for delivering the message to the intended recipient(s), you are hereby notified that any dissemination, disclosure or copying of this communication is strictly prohibited. ---------------------------------------------------------------------------- --------------------------- -----Original Message----- From: Rich Tibbets [mailto:rtibbets@xxxxxxxxxxxxxxxx] Sent: Wednesday, August 11, 2004 12:50 PM To: [ExchangeList] Subject: [exchangelist] RE: can't send to yahoo.com http://www.MSExchange.org/ Could you send the NDR, I just had a problem with my users not being able to send to AOL users. It turned out to be DNS issue reverse DNS lookup issue. Once my ISP corrected this we could send to our AOL clients again. Rich Tibbets -----Original Message----- From: Lara, Greg [mailto:GLara@xxxxxxx] Sent: Wednesday, August 11, 2004 11:55 AM To: [ExchangeList] Subject: [exchangelist] RE: can't send to yahoo.com http://www.MSExchange.org/ Luke, is the NDR coming from your exchange server or from yahoo? Greg Lara -----Original Message----- From: luke levis [mailto:luke.levis@xxxxxxxxxx] Sent: Wednesday, August 11, 2004 11:47 AM To: [ExchangeList] Subject: [exchangelist] can't send to yahoo.com http://www.MSExchange.org/ we recently upgraded our network to active directory and are running windows 2003 server with Exchange server 2003 and for some reason now everytime someone tries to send to and addres @yahoo.com they get and NDR, and in our previous environment we had no restrictions on who you could send it to.. and I am about 2 weeks into using E2k3 so I might as well have a blind fold on.. any help is appreciated Luke ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this MSEXchange.org Discussion List as: luke.levis@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Report abuse to listadmin@xxxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this MSEXchange.org Discussion List as: mark@xxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Report abuse to listadmin@xxxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this MSEXchange.org Discussion List as: luke.levis@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Report abuse to listadmin@xxxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this MSEXchange.org Discussion List as: glara@xxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Report abuse to listadmin@xxxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this MSEXchange.org Discussion List as: luke.levis@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Report abuse to listadmin@xxxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this MSEXchange.org Discussion List as: al.mulnick@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Report abuse to listadmin@xxxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this MSEXchange.org Discussion List as: glara@xxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Report abuse to listadmin@xxxxxxxxxxxxxx