mail server hostname in greeting

[AndrewFram]

Hi...We currently use an internal exchange 2007 server and our external DNS is hosted with godaddy with an SPF record. We also use Postini for inbound mail.

We recently changed over from an ISA server to a Sonicwall firewall appliance - this changed the IP address of our mail server.

We are receiving inbound email, but outbound email to AOL and certain cable ISPs are being rejected. DNSReports.com gives the following:

"WARNING: One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). If your mailserver sends out E-mail using this domain in its EHLO or HELO, your E-mail might get blocked by anti-spam software. This is also a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server. Note that this one test may use a cached DNS record."

As far as I can tell, the masquerading domain on the email server is correct.

 

[58sniper]

This is probably better suited in forum1582, but:

We recently changed over from an ISA server to a Sonicwall firewall appliance - this changed the IP address of our mail server.

So you have two firewalls, or just the Sonicwall? If just the one, I'd put the ISA back in just as a reverse proxy. Inbound Internet traffic shouldn't be going directly to your Exchange server from your firewall.

As far as I can tell, the masquerading domain on the email server is correct.

When you telnet to the server, what is the response?

Pat Richard
Microsoft Exchange MVP
Contributing author Microsoft Exchange Server 2007: The Complete Reference

 

[AndrewFram]

The ISA server has been decommissioned and we are only using the sonicwall, however there are firewall rules that only allow connections from postini (third party company that screens email for spam).

telnet response:

220 mail1.advsyscon.com Microsoft ESMTP MAIL Service ready at Fri, 30 May 2008 o8:24:48 -0400

(We have an A record for mail1 in our DNS).

 

[AndrewFram]

I think this is somehow related to another issue in which all email to AOL addresses are being bounced with the following code: #550 Reverse DNS lookup failed ##

Bounced messages return a section of the header:
Original message headers:

"Received: from mail1.advsyscon.com ([XXX.X.X.XX]) by mail1.advsyscon.com
([XXX.X.X.XX]) with mapi; Wed, 28 May 2008 09:40:30 -0400"

where XXX.X.X.XX is the PRIVATE IP address of the mailserver. Shouldn't it be the public IP address?

 

[noveyron]

http://www.mxtoolbox.com/diagnostic.aspx

See what your rDNS is pointing at.

 

[AndrewFram]

Hmm...that diagnostic reports:

No connection could be made because the target machine actively refused it 141.150.7.3:25

(the server can only receive email from postini's servers)

 

[noveyron]

We recently changed over from an ISA server to a Sonicwall firewall appliance - this changed the IP address of our mail server"

I would imagine that your original rDNS is pointing at the old address, hence the bounces from AOL etc

 

[AndrewFram]

That's the strange thing...I'm not sure we ever had rDNS...we moved our DNS offsite to godaddy a few weeks before switching to the sonicwall and we didn't have a problem. GoDaddy doesn't even seem to have a section to enter in PTR records

 

[noveyron]

Try with old and new IP's

http://postmaster.aol.com/tools/rdns.html

 

[AndrewFram]

The old address was successful, the new address failed.

I guess I should call godaddy and find how to add rDNS

 

[noveyron]

You need to call your ISP, whoever they are, they are the ones who do your rDNS AFAIK.

 

[58sniper]

your rDNS is wrong.
mail1.advsyscon.com maps to 141.150.7.3
141.150.7.3 comes up empty for me.

Pat Richard
Microsoft Exchange MVP
Contributing author Microsoft Exchange Server 2007: The Complete Reference