RE: exchangelist digest: July 13, 2005
- From: "Dan Klobnak" <dan.klobnak@xxxxxxxxxxxxxxxxxxxxxxx>
- To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
- Date: Thu, 14 Jul 2005 11:23:37 -0500
Hi there, MSExchange 2000 Standard SP3 on a Windows 2003 server. Our users
received the following NDR when sending an external e-mail to one external
domain. Not a problem with other domains; and we can reach the domain if we use
a hotmail account or when I SMTP to it. I am hoping to communicate with the
other SysAdmin. Have not seen this one before, and have been doing some
research. Based on the research, I guess I can go in a couple of different
directions, but was curious as to your expert opinions/suggestions.
NDR:
The following recipient(s) could not be reached:
'user@xxxxxxxxxxx' on 13/07/2005 9:26
You do not have permission to send to this recipient. For assistance, contact
your system administrator.
<gsi-fs1.graphicsolutionsinc.com #5.7.1 smtp;554 5.7.1 This message has been
blocked because the HELO/EHLO domain is invalid.>
Note: the server generating the error is our mail server. The NDR is immediate,
and Message Tracking indicates an Event ID 1030 (NDR Generated), immediately
after a 1020 (Started Outbound Transfer).
Searching on:
"You do not have permission to send to this recipient."
Lead to options regarding being filtered by a SPAM...ie. Either on a list
(which we tend to not believe is the case, and pur T1 Provider, Megapath,
stated if we were ID'd as SPAMMER, they would be involved. I take that
statement with a grain of salt). In any event I verified our Open Relay
status, and we're locked down.
1. Any websites you'd recommend to check ourselves against for further
verification?
Another possibility may be an issue with a reverse lookup? Again, this is from
a bunch of sources, none that I would consider authoritive, so I could be
misinterpreting. However, our e-mail comes from our server, and our MX record's
A record actually points to a sister company's IP, as they filter SPAM for us
before forwarding. There is a difference of Public IPs.
Another option maybe the fact that we do not have an SPF record in our DNS
(something I learned about yesterday)?
Searching on:
"This message has been blocked because the HELO/EHLO domain is invalid"
Seemed to point to SMTP Virtual server setting. When I telnet to SMTP, my
server does not match the MX record, which to be compliant with RFC 2821 seems
to be required. The server reflects the actual server name. When I try to
change properties of the SMTP Virtual Server to my MX record, Mail2, I can not
verify to my internal DNS. I don't want to go to the issue of changing my
server's name, and I am thinking I can not have two entries within DNS pointing
to the same IP, or is there a way to accommodate?
Other option, modify my MX record to be reflect my server name?
I admit, I am treading some deep water here for me. Since we're successful with
99.99 of other external e-mails, it is appealing to say it's the other side
(the "been blocked because the HELO/EHLO domain is invalid" certainly is not
saying which domain is invalid. When I SMTP their mail server,
mail.printar.com, their server name is simply printar.com, so they are not
'compliant' either.). However, since we have a few loose ends on our side, I'd
like to tighten us up, as I imagine the ongoing battle with SPAM will simply be
cause more of these errors.
Any other ideas, thoughts, would be GREATLY appreciated.
I can't seem to find anything regarding these search strings at MS support
either, so I assume I'm searching incorrectly. Thanks, Dan
Other related posts:
- » RE: exchangelist digest: July 13, 2005
