Yes, several times through the process of troubleshooting this. There was a point where the firewall was doing esmtp filtering and X’ing out the domain name in the EHLO message; that was corrected.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Micheal Espinola Jr Sent: Thursday, February 08, 2018 8:22 PM To: exchange@lists.myitforum.com Subject: Re: [Exchange] RE: Earthlink Contact? Have you reviewed this? https://mxtoolbox.com/domain/pittcountync.gov/ Earlier, it was showing that you had an "SMTP Banner Mismatch". Many anti-spam mechanisms will flag or outright block on this. Many RFCs say that a serever MUST NOT refuse to accept blah blah blah. That's where anti-spam policies come in. Its not the server blocking; its the anti-spam mechanism. -- Espi On Thu, Feb 8, 2018 at 1:50 PM, Mayo, Bill <bill.m...@pittcountync.gov<mailto:bill.m...@pittcountync.gov>> wrote: I’m not sure I understand your question. The load balancing I am referring to is different internet service providers. Those providers are giving us 2 different IP spaces. I am not completely certain that we are not compliant with what it is saying in the article, because our PTR records are correct. It doesn’t state the method to use and the one Jim described is not looking up a PTR record (or at least not as I am understanding it). I also note that it says “However, if the verification fails, the server MUST NOT refuse to accept a message on that basis.” I appreciate all the dialog. From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] On Behalf Of Micheal Espinola Jr Sent: Thursday, February 08, 2018 4:35 PM To: exchange@lists.myitforum.com<mailto:exchange@lists.myitforum.com> Subject: Re: [Exchange] RE: Earthlink Contact? If you are load balancing, why are you advertising two different IPs? I think what Jim Kennedy has honed-in on is correct, and that the issue is likely HELO/EHLO checking if your PTR records check out. https://en.wikipedia.org/wiki/Anti-spam_techniques#Strict_enforcement_of_RFC_standards (HELO/EHLO checking – RFC 5321) -- Espi On Thu, Feb 8, 2018 at 5:45 AM, Mayo, Bill <bill.m...@pittcountync.gov<mailto:bill.m...@pittcountync.gov>> wrote: I told Earthlink that we had 2 different IP’s for the mail server, and that we had seen rejections from both. He asked for the first IP, which I gave him. He then went to mxtoolbox.com<http://mxtoolbox.com> and looked up the domain name. It returned a different IP than the one I gave him and he suggested that was an issue. I told him that was the other IP and that they were load-balanced; that at any given time an A record lookup would return one or the other. That said, the reverse DNS (PTR) record for each of the IP’s is correct. He told me that he didn’t know what load balancing meant and that he would have to talk to someone else to see what could be done. I am happy to admit I might have some misunderstandings about DNS, but I don’t think that having multiple A records for a given domain name is unusual. I therefore assume they wouldn’t actually try to confirm legitimacy by doing an A lookup and comparing that to the IP. I do want to be clear that he didn’t explicitly say that was the problem. I did try to point out that their error message complained about a missing or mismatched PTR record, and I believe that is all correct. From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] On Behalf Of Michael B. Smith Sent: Wednesday, February 07, 2018 7:08 PM To: exchange@lists.myitforum.com<mailto:exchange@lists.myitforum.com> Subject: [Exchange] RE: Earthlink Contact? I’m sorry, I can’t follow your logic. It seems to fall apart in the sentence beginning “What EarthLink seems…” Could you be a bit more concrete please? In general, I agree with Micheal – you shouldn’t have a PTR mismatch, but that’s not what I get out of your explanation. From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Mayo, Bill Sent: Wednesday, February 7, 2018 4:46 PM To: exchange@lists.myitforum.com<mailto:exchange@lists.myitforum.com> Subject: [Exchange] RE: Earthlink Contact? My attempts at postmas...@earthlink.net<mailto:postmas...@earthlink.net> and trou...@earthlink.net<mailto:trou...@earthlink.net> did not work, so I tried the Twitter route. It took a while, but I did ultimately get a response today where they gave me a phone number to call. So, thanks to Michael and everyone else that responded. That said, based on the conversation that I had, I would appreciate a reality check. We have 2 different ISPs and load balance outbound SMTP connections, as well as inbound DNS queries. So, we basically have 2 different IP’s that are used at the edge. We have an MX record that points to the domain name. DNS lookups to that domain name will return one of the 2 IP’s. Both of those IP’s will reverse lookup to the domain name. The HELO/EHLO greeting from the server gives the same domain name as the MX record. Additionally, we have an SPF record that indicates both of those IP’s. What Earthlink seems to be initially suggesting is that they are doing an A record lookup of the domain name and comparing that to the connecting IP address (which seems contrary to the error message). In our setup, this will not always be a match. I can understand that they would do a reverse DNS on the IP to make sure it matches the HELO/EHLO greeting, and I can understand that they might also do an SPF and/or MX lookup to make sure that matches. I don’t understand doing a forward lookup and comparing that to the IP, since I don’t think that having multiple A records for a given domain name is particularly uncommon. Is what they are suggesting a legitimate issue? Bill Mayo From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Michael B. Smith Sent: Friday, February 02, 2018 10:49 AM To: exchange@lists.myitforum.com<mailto:exchange@lists.myitforum.com> Subject: [Exchange] RE: Earthlink Contact? Twitter shame them. @Earthlink and @weCareEarthlink And yes, I’m completely serious. From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Mayo, Bill Sent: Friday, February 2, 2018 10:16 AM To: exchange@lists.myitforum.com<mailto:exchange@lists.myitforum.com> Subject: [Exchange] Earthlink Contact? We are having emails sent to Earthlink being intermittently rejected with the reason “550 ERROR: No or mismatched reverse DNS (PTR) entries”. We have done quite a bit of troubleshooting on this, and the problem does not appear to be on our end. I actually have logs that show 2 consecutive messages where the first one is accepted and the second one rejected. I also see “421 Load too high” messages in the log from Earthlink when these happen. I am trying to figure out how to contact Earthlink to get some assistance, but am striking out with how to contact them. The have a special page if you are getting a “blocked by EarthLink” response, but that doesn’t apply here. There contact page has chat support that requires you to provide an Earthlink account. Does anybody know how to get in touch with someone at Earthlink that could actually help with this problem? Bill Mayo
