For the error you're seeing, the issue is the REVERSE LOOKUP for the IP addresses in question. You can have both of your ISPs put in reverse lookup entries for the 2 IPs of "mail.mapsnet.org" to address your problem. The reverse lookup and the forward lookup are really completely de-coupled. If you're going to be trying to do a DNS round-robin for the forward lookup of "mail.mapsnet.org" to the 2 IP addresses, you only need one MX record and have the 2 A records for the same name going to the 2 IP addresses. Alternately, you can have the 2 IP's set up to different FQDNs and have each be an MX record. -----Original Message----- From: Ball, Dan [mailto:DBall@xxxxxxxxxxx] Sent: Mon 4/25/2005 11:16 AM To: [ISAserver.org Discussion List] Cc: Subject: [isalist] RE: Split DNS Questions... http://www.ISAserver.org Well, I guess it's nothing that couldn't be found out by doing a DNS lookup, so here is the info: Domain Name: MAPSNET.ORG ISP 1: 24.213.58.250 ISP 2: 207.75.63.2 MX Record: MAIL.MAPSNET.ORG MAIL.MAPSNET.ORG resolves to 24.213.58.250 The problem arises when recipients of our outbound SMTP traffic uses the 207.75.63.2 route. When this happens, we get a reject message saying something like this: You do not have permission to send to this recipient. For assistance, contact your system administrator. <mail.MAPSNET.ORG #5.7.1 smtp;501 5.7.1 <username@xxxxxxxxxxx>... Sender IP must resolve> Or: You do not have permission to send to this recipient. For assistance, contact your system administrator. <mail.MAPSNET.ORG #5.7.1 smtp;554 5.7.1 The server sending your mail [207.75.63.2] does not have a reverse DNS entry. Connection Rejected. Please contact your Dial-Up/DSL/Network ISP Provider. Default Reject!> There is a route added into RainConnect to route all port 25 traffic via the 24.213.58.250 route, but it didn't seem to make a difference. I also added 207.75.63.2 as an additional A record for MAIL.MAPSNET.ORG, but it didn't seem to help. -----Original Message----- From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] Sent: Monday, April 25, 2005 11:30 To: [ISAserver.org Discussion List] Subject: [isalist] RE: Split DNS Questions... http://www.ISAserver.org Major potential e-mail problems is one reason I am weary of using RainConnect if that is what you are using. I am very busy this week including waking up to a down server today, but if you continue to have problems please describe again your exact configuration including real domain names and IP addresses and I will review it. If you would rather, send me the information off list. John T eServices For You ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: davidh@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx