RE: can't send to yahoo.com

  • From: "Lara, Greg" <GLara@xxxxxxx>
  • To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
  • Date: Thu, 12 Aug 2004 10:16:47 -0400

Thanks Al, I appreciate your thorough answer. 

RFC 821 is pretty loose in terms of the semantic requirements of the SMTP
"conversation," and your explanation clarifies very well why. I guess a
discussion of the SMTP protocol is outside the realm of this list, but I'll
let it suffice to say that until the more recent RFCs (such as 2505) carry
more weight with software developers and administrators, or until a better
protocol is developed, UCE will continue to plague us.


Greg Lara
IT Department
Anti-Defamation League
823 UN Plaza
New York, NY 10017
(212) 885-7764 (voice) (212) 885-5807 (fax)
glara@xxxxxxx 
Use the ADL Helpdesks: 
IT:
http://www.webhelpdesk.com/cgi-bin/WebObjects/HostedHelpdesk.woa/wa?id=25 
Development:
http://www.webhelpdesk.com/cgi-bin/WebObjects/HostedHelpdesk.woa/wa?id=49
----------------------------------------------------------------------------
---------------------------
This e-mail message may contain privileged, confidential and/or proprietary
information intended only for the person(s) named. If you are not the
intended recipient, please destroy this message, and any attachments, and
notify the sender by return e-mail. If you are not the intended
recipient(s), or the employee or agent responsible for delivering the
message to the intended recipient(s), you are hereby notified that any
dissemination, disclosure or copying of this communication is strictly
prohibited. 
----------------------------------------------------------------------------
---------------------------

-----Original Message-----
From: Mulnick, Al [mailto:Al.Mulnick@xxxxxxxxxx] 
Sent: Thursday, August 12, 2004 9:34 AM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com

http://www.MSExchange.org/

Thanks Greg.  That helps out and you are correct that I inferred the thought
from the phrases used.

To answer your question:
In your example, the sending domain is houstonjewish.org.  The sending MTA
is sbserver.JFED.local.  I see absolutely nothing wrong with that in the
SMTP world at all.  Wouldn't be too different for my own domain which hosts
+ 150 domains but only has one for the FQDN of the host. Hosting
organizations would do likewise, right? ISP's, ASP's, etc. that host other
domains (could anyway).  That would be a single host responsible for many
domains.

It still complies with the RFC since it identifies the 'sender-SMTP' or
sending MTA a.k.a. 'the client' to the receiving MTA. I'm of the opinion
that this is in the RFCs more for troubleshooting and returning
undeliverable mail than anything else.  

Keep in mind that when the RFC's were written by J. Postel, they had a lot
of other competing technologies.  Some are still out there.  The networks
were not nearly as prevalent nor as good and name resolution was a new
concept (DNS) still being worked out.  To get an email from one host to
another reliably was a major accomplishment.  To do so repetitively was
almost impossible.  At the time, there were other mailers out there as well
and you had to play nicely with them.  That's one reason Sendmail is so
prevalent IMHO - it was good at working as glue with different mailers.  IBM
and DEC were the biggest players at the time and they each had a different
product that was competing for email dollars.  It was possible (still is) to
route a message through different hosts to get to the destination vs. a lot
of the smaller companies today that put a single mailer up and talk to other
small companies that have a single mailer.  Having those mailers identified
in the headers was a big deal since you may have to figure out which host
decided it couldn't deliver mail to the next in the route.  Hence, SMTP was
designed as store and forward meaning that each host was expected to 'own'
the message once it accepted it.  The concept of client and server is used
many times to describe SMTP and it should be noted that a client is the host
that submits a message to the server; a user interaction is not required nor
is a UA.  A host on the route to final disposition is a server at one point
in the routing and a client later when it submits it to the next mailer and
so on until final disposition.


The SMTP user agent (UA) is responsible for identifying the sending domain
in the message upon initial submission and mailers MUST NOT change that (not
that they don't, but...) in the headers strictly speaking.  The hosts will
strike up a conversation with each other and identify each other, but
whether the sending domain is the same in the message as the host that sent
it is not a requirement or even possible in many instances. That's an
afterthought that people try in order to cope with UCE.  But since SMTP is
architected to be open, it's got issues at the core with matching the
sender's domain with the server's domain.  There is no reasonable
expectation that this is the case and that is what the major failing of
reverse DNS is in this scenario.  However, reverse DNS is used because it
makes it more difficult to spoof the client ip address in the SMTP
conversation and you at least have a shot at tracking a message back to the
originating host with some sort of accuracy; makes obscurity harder. It
doesn't work well at stopping UCE/spam and it has a significant cost
overhead (in terms of computing costs) if it has to decompose each piece of
email and then compare that to the DNS .in-addr.arpa resource records of the
submitting host. As in the example above, it can also disrupt legitimate
mail transfer especially in organizations with more than one mailer in their
realm of responsibility.

Reverse DNS does often interrupt the expected workings of SMTP mail as can
other items designed to filter legitimate from non-legitimate mail. We've
seen plenty of that lately in the form of militant and liberal use of SPF
which is likely no better than reverse DNS for the same reasons noted above.
On that note, I notice that the internet draft from pobox.com is about to
expire and is no longer listed anywhere official other than their own
website.  

Does anyone have the story on that? I notice there are some drafts from
Sendmail and Microsoft separately that look like they are similar, but can't
tell what happened with the SPF stuff.  Makes me curious. :)


Al







-----Original Message-----
From: Lara, Greg [mailto:GLara@xxxxxxx] 
Sent: Wednesday, August 11, 2004 4:28 PM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com


Al, I'm not suggesting the RFC says MUST in referring to this technique, but
perhaps you inferred that when I used the phrase 'adherence to the RFCs,'
which is understandable. And as I said, we found out pretty quickly that
this isn't a reliable method of identifying spam, so we gave it up.

I may have been mixing my mail server configuration issues, so let me
clarify my statements about Exchange misconfigurations. Our SMTP relays
generate reject warnings when the hostname sent in the helo statement isn't
"valid". Take the following log entry (it will be wrapped, but it's one
line):

Aug 11 19:05:18 relay postfix/smtpd[64170]: 955B2259A86: reject_warning:
RCPT from mail.houstonjewish.org[68.88.10.185]: 550 <sbserver.JFED.local>:
Helo command rejected: Invalid Hostname; from=<xxxx@xxxxxxxxxxxxxxxxx>
to=<xxxxx@xxxxxxx> proto=ESMTP helo=<sbserver.JFED.local>

Their DNS states that their mail server is mail.houstonjewish.org, but when
the server connects to another relay, it greets it with sbserver.JFED.local.
From RFC 821:

"HELLO (HELO)

            This command is used to identify the sender-SMTP to the
            receiver-SMTP.  The argument field contains the host name of
            the sender-SMTP."

Would you say that the above SMTP transaction complies with this RFC?
Given that the mail and external domains are houstonjewish.org, I'd say no.
So I'd say that this Exchange server isn't configured correctly. I see a lot
of these.

Greg Lara
IT Department
Anti-Defamation League
823 UN Plaza
New York, NY 10017
(212) 885-7764 (voice) (212) 885-5807 (fax)
glara@xxxxxxx
Use the ADL Helpdesks:
IT:
http://www.webhelpdesk.com/cgi-bin/WebObjects/HostedHelpdesk.woa/wa?id=25
Development:
http://www.webhelpdesk.com/cgi-bin/WebObjects/HostedHelpdesk.woa/wa?id=49
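
Added example (not part of any post in this thread, and not code from the list or from Postfix): a Python parser for smtpd reject lines in the format Greg quotes above. It reports how the HELO argument relates to the connecting host, which is the distinction discussed in Al's reply of 9:34 AM and Greg's reply of 4:28 PM. The non-public suffix list and every log line after the first are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Postfix smtpd reject lines, one per entry. The first is the entry quoted in
# the thread (addresses redacted as on the page); the rest are constructed.
SAMPLE_LOG = [
    "Aug 11 19:05:18 relay postfix/smtpd[64170]: 955B2259A86: reject_warning: "
    "RCPT from mail.houstonjewish.org[68.88.10.185]: 550 <sbserver.JFED.local>: "
    "Helo command rejected: Invalid Hostname; from=<xxxx@xxxxxxxxxxxxxxxxx> "
    "to=<xxxxx@xxxxxxx> proto=ESMTP helo=<sbserver.JFED.local>",
    "Aug 11 19:06:02 relay postfix/smtpd[64171]: NOQUEUE: reject: "
    "RCPT from unknown[192.0.2.20]: 554 <b@example.net>: Relay access denied; "
    "from=<a@example.org> to=<b@example.net> proto=SMTP helo=<[192.0.2.20]>",
    "Aug 11 19:07:41 relay postfix/smtpd[64172]: NOQUEUE: reject: "
    "RCPT from mail.example.com[192.0.2.10]: 554 <b@example.net>: Relay access "
    "denied; from=<a@example.com> to=<b@example.net> proto=ESMTP "
    "helo=<MAIL.example.com>",
    "Aug 11 19:09:13 relay postfix/smtpd[64173]: NOQUEUE: reject: "
    "RCPT from host4.example.org[192.0.2.30]: 554 <b@example.net>: Relay access "
    "denied; from=<a@example.org> to=<b@example.net> proto=ESMTP "
    "helo=<EXCHANGE01>",
]

LINE_RE = re.compile(
    r"RCPT from (?P<client>[^\[\s]+)\[(?P<ip>[^\]]+)\]: (?P<code>\d{3}) .*?"
    r"from=<(?P<sender>[^>]*)> to=<(?P<rcpt>[^>]*)> "
    r"proto=(?P<proto>\S+) helo=<(?P<helo>[^>]*)>"
)

# One DNS label: letters, digits, hyphen; no leading or trailing hyphen.
LABEL_RE = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

# Assumption: suffixes commonly used for internal names that do not resolve
# in public DNS. Adjust for your own environment.
NON_PUBLIC_SUFFIXES = ("local", "localdomain", "lan", "internal", "home", "corp")


def classify_helo(helo):
    """Classify the HELO/EHLO argument by syntax only (no DNS lookups)."""
    if helo.startswith("[") and helo.endswith("]"):
        return "address-literal"
    labels = helo.rstrip(".").split(".")
    if not all(LABEL_RE.match(label) for label in labels):
        return "invalid-syntax"
    if len(labels) < 2:
        return "not-fqdn"
    if labels[-1].lower() in NON_PUBLIC_SUFFIXES:
        return "non-public-suffix"
    return "fqdn"


def analyse(line):
    """Return the HELO-related facts for one reject line, or None if no match."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    client, helo = m["client"], m["helo"]
    return {
        "client": client,
        "ip": m["ip"],
        "helo": helo,
        "helo_class": classify_helo(helo),
        # Postfix logs the client name as "unknown" when it has no usable
        # reverse DNS name for the connecting address.
        "client_has_ptr": client != "unknown",
        # Names the same host as its reverse DNS name (case-insensitive).
        "helo_equals_client": helo.lower().rstrip(".") == client.lower().rstrip("."),
    }


def count_by_class(lines):
    """Tally HELO classes across a log so trends are visible before enforcing."""
    return Counter(r["helo_class"] for r in map(analyse, lines) if r)


if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(analyse(entry))
    print(dict(count_by_class(SAMPLE_LOG)))
```

The checks are syntactic only; whether to warn or reject on any of these classes is a local policy decision.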

-----Original Message-----
From: Mulnick, Al [mailto:Al.Mulnick@xxxxxxxxxx]
Sent: Wednesday, August 11, 2004 3:19 PM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com


No, realistically you need to look closer at the reason the message wasn't
delivered or was delayed. The reporting MTA is the important field for this
at the moment as is the NDR code if there is one; can you post those?  

Note that delays are not uncommon, especially when viruses are mucking
around on the internet.  Non-delivery on the other hand would be something
to be concerned about.  AOHELL for example seems to be causing some issues
lately with their implementation of SPF records although they say they have
not implemented them yet.  Possibly some other system that's not happy to
get mail for all I know.  Not sure how that fits into Greg's world though,
since SPF is only an RFC draft from what I've heard
(http://spf.pobox.com/spf-draft-200406.txt).

Greg, how about showing me the RFC that discusses the MUST use reverse DNS
PTR RR's??  I'm having trouble finding an RFC that says I MUST use them.
You may be referring to rfc2505, but last I checked it said, "9)  SHOULD be
able to verify "MAIL From:" domain (using DNS or other means)." vs. MUST
indicating that not everyone can or should use this method to identify spam
or UCE.  

That's a far cry from the blanket statement you made or your survey of
Exchange admins vs. other mailer admins.  Can you show me the RFC? I'm
interested since I've apparently missed that in my RFC reading and I hate to
miss something like that.

-Al

   

-----Original Message-----
From: luke levis [mailto:luke.levis@xxxxxxxxxx]
Sent: Wednesday, August 11, 2004 3:02 PM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com


So the MX record matches the FQDN, and still no go. Do I need to stop and
restart services? Once Greg pointed me to the MX record thing, my FQDN was
the servername.smginc.com, not the same as the MX record, so I added a record
in our internal DNS and changed the FQDN to match the MX record and clicked
the "Check DNS" button and it said it's valid, but still can't send to
certain ISPs.

-----Original Message-----
From: Lara, Greg [mailto:GLara@xxxxxxx]
Sent: Wednesday, August 11, 2004 2:18 PM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com



You wouldn't. That error indicates that the message was received, but not
yet delivered to the recipient. It's quite possibly an internal problem that
yahoo or the recipient is having, and has nothing to do with your
configuration.

Greg Lara

-----Original Message-----
From: luke levis [mailto:luke.levis@xxxxxxxxxx]
Sent: Wednesday, August 11, 2004 2:12 PM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com


it says 220 YSmtp mta399.mail.scd.yahoo.com ESMTP service ready

and I don't see anything in the queue waiting to go to yahoo.com

-----Original Message-----
From: Mark Fugatt [mailto:mark@xxxxxxxxx]
Sent: Wednesday, August 11, 2004 2:06 PM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com



Ahh, so the message has not failed, it's been delayed. If you look at your
SMTP queues, do you see a lot of mail sitting in the queues? If you go to your
Exchange server and open a command prompt and type:

TELNET  mx1.mail.yahoo.com 25

What happens?

Mark Fugatt
MCSE, MCT, Microsoft Exchange MVP
Pentech Office Solutions Inc
Rochester, NY
Tel: 585 586 3890
Cell: 585 576 4750
http://www.4mcts.com
http://www.exchangetrainer.com

-----Original Message-----
From: luke levis [mailto:luke.levis@xxxxxxxxxx]
Sent: Wednesday, August 11, 2004 2:00 PM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com


My FQDN is the same as my MX record. We use Sprint as our ISP; should I give
them a call, or will they tell me to go pound sand? Also, one of our
(ab)users told me he can't email aol.com and hp.com, and I get these back:

This is an automatically generated Delivery Status Notification.

THIS IS A WARNING MESSAGE ONLY.

YOU DO NOT NEED TO RESEND YOUR MESSAGE.

Delivery to the following recipients has been delayed.

       psupeb@xxxxxxxxx
       burghfansc@xxxxxxxxx

-----Original Message-----
From: Lara, Greg [mailto:GLara@xxxxxxx]
Sent: Wednesday, August 11, 2004 1:08 PM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com



I have to say that we have seen this problem with many exchange sites. A lot
of admins (damn newbies) don't know to set their SMTP FQDN to the same as
their MX record in DNS, which is cause for an increasing number of ISPs to
reject mail, and for good reason.


Greg Lara

-----Original Message-----
From: Rich Tibbets [mailto:rtibbets@xxxxxxxxxxxxxxxx]
Sent: Wednesday, August 11, 2004 12:50 PM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com


Could you send the NDR? I just had a problem with my users not being able to
send to AOL users.  It turned out to be a DNS issue, a reverse DNS lookup
issue. Once my ISP corrected this we could send to our AOL clients again.

Rich Tibbets
-----Original Message-----
From: Lara, Greg [mailto:GLara@xxxxxxx]
Sent: Wednesday, August 11, 2004 11:55 AM
To: [ExchangeList]
Subject: [exchangelist] RE: can't send to yahoo.com


Luke, is the NDR coming from your exchange server or from yahoo? 


Greg Lara

-----Original Message-----
From: luke levis [mailto:luke.levis@xxxxxxxxxx]
Sent: Wednesday, August 11, 2004 11:47 AM
To: [ExchangeList]
Subject: [exchangelist] can't send to yahoo.com


We recently upgraded our network to Active Directory and are running Windows
2003 Server with Exchange Server 2003, and for some reason now every time
someone tries to send to an address @yahoo.com they get an NDR, and in our
previous environment we had no restrictions on who you could send it to..
and I am about 2 weeks into using E2k3 so I might as well have a blindfold
on..


any help is appreciated

Luke


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
luke.levis@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx
