Hi Barbara, I would do as Mark said regarding trying to locate headers of failed messages from the server that isn't accepting your mail. To solve it correctly though, you have two options, both of which will reflect the correct reverse DNS for all outside mail servers.
1. Your exchange server should masquerade the dns name of the "outside" entry point to your network. ie, if your entry to your network from the outside is outside.mynetwork.com, and that has an MX record for receiving all mail for "mynetwork.com", then you you would alter exchange so that it shows all mail as being sent from "outside.mynetwork.com" as that is what the reverse mail lookups are looking for. And don't forget that whatever the actual address is that is masqueraded, must also be an email name for the clients in your exchange system so that exchange will accept the mail ie [EMAIL PROTECTED] or [EMAIL PROTECTED] 2. You set up a linux relay box using postfix to accept and send all mail to/from the outside world, as an intermediary between outside and the exchange server. This is preferred as exchange should not be talking directly to the outside world -- security problems. You also get a plus in this as it allows you to set up scripting, etc., to help scan inbound mail which strengthens you virus/spam posture. Sam Mark Plowman wrote: > > Barbara, > > > From: Barbara Miller <[EMAIL PROTECTED]> > > Date: Tue, 13 Nov 2001 15:58:49 +0100 > > > > Hello, > > > > I'm running a small PC network, including an Exchange server, behind > > an EigerStein using NAT. Most of the time everything works great. > > We are doing the same, but using Postfix (which I can recommend) under > Linux. > > I also follow the Postfix mailing list and have learnt a *lot* about > mail servers there... > > > However, e-mail sent by the Exchange server to a few domains fails, > > I understand, because there is no public reverse DNS for the > > Exchange server, and some mail servers therefore suspect e-mail > > coming from it is spam. Only the EigerStein router has a public IP. > > If mail is being rejected by a domain, send a mail to the > [EMAIL PROTECTED] and ask him/her what you are doing wrong. > Perhaps the failure notification from the remote server gives you a > few clues. Be careful, I understand that Exchange "helpfully" > massages the messages and alters the content, this may be a pain... > > Perhaps you could post one of the bounce messages so that we could > study it? > > > In other words, e-mail from the Exchange server includes headers like > > this... > > > > Received: from server.aac.edu (gw.aac.edu [195.113.149.145]) > > by ... > > > > ... where server.aac.edu is the Exchange server, which has no external DNS > > entry, and gw.aac.edu is the NATing EigerStein router with public IP > > 195.113.149.145. > > I think that it unlikely that *that* is the problem. > > Mail servers rarely look at "received" lines. > > Things they do look at include: > > 1) The name your server gives when it says "HELO <myname>" or "EHLO > <myname>". > > <Myname> should be the fully qualified DNS name of your server and > some people check this (i.e. do a lookup of the name and see if > matches the IP of your LEAF). > > Having said that, our server name (duif.hexapole.nl) doesn't > resolve and I have never knowingly lost an email. The MX for > hexapole.nl does resolve to the IP of our LEAF, so that *is* good. > > 2) More things that escape me at the moment ;-) > > > What do I need to do to make this failing e-mail go through? > > More information. > > The "bounce" message, info from the remote postmaster > > > Add DNS entries for server.aac.edu? Can I rename the Exchange > > Server "gw" (since there's no gw.aac.edu on the internal network)? > > Niether would do any harm and could well do some good. Try it! > > > Thanks for your attention! > > > > Barbara Miller > > Greetings > > Mark Plowman > > _______________________________________________ > Leaf-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
