RE: Hosting Multiple domains in Exchange 2003
I am using zoneedit.com to host the DNS for all of the sites. I made the changes to these 2 domains, along with 5 others, over 3 weeks ago. I haven't changed any entries since then, so it worries me that you saw different A records. We are doing the actual hosting of the sites.

When pinging these 2 sites I get "could not find host". Nslookup hits our DNS server and returns a non-existent domain even after clearing the cache. I can telnet to the hosting system on port 80 no problem; in addition, this same system is hosting other sites which I can access without any trouble.

I really think it's a DNS issue and I'm beginning to think it's with our ISP. I use the same ISP for my cable modem at home and have the same issues accessing the sites; however, the coffee shop I visit in the morning uses Verizon DSL and I never have an issue getting to any of the sites we host.

Turns out something is hosed with our ISP's DNS server. They are currently looking into it.

Jonathan Gruber
Network Administrator
J.B. Long Inc.
610-944-8840 x.213
484-637-1978 direct

~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~
~ http://www.sunbeltsoftware.com/Ninja~
RE: Hosting Multiple domains in Exchange 2003
>> This is much more than rumor. In addition to regex style filters that look for generic/dynamic looking PTRs, more and more sites are also blocking if the PTR does not match the A.

> The latter is nothing new -- it's called a double reverse lookup. That's been around since at least the mid 1990's.
> [...]
> (Still of questionable effectiveness -- spammers buy domain names, too -- but at least it's doing *something*.)

I didn't claim it in itself was new. What is relatively new is that it's becoming more widespread to outright block because of it. Even just 2-3 years ago it was pretty much only the so-called lunatic fringe of spam fighters that would 5xx if they didn't match.

Botnet spam is the primary target of this type of filtering because virtually none of these machines are in IP space where the crooks can control the PTR (hence PTR doesn't match A). On SPAM-L people consistently post that just this method alone blocks anywhere from 40-80% of their entire spam load so I wouldn't say that it's of limited effectiveness. This is not hard for me to believe since the majority of spam still seems to come via bot-nets. I don't have hard stats here, but I can say that all the machines that actually get to our content filters are

This method, of course, does nothing to stem the tide of spam relayed from Google, Yahoo, and the other webmail providers (a now rapidly growing category now that captchas are being broken and people's accounts are being phished). The main problem seems to be the false positives (which has a variety of definitions depending on your outlook) such as the case here with the OP.

> Indeed, just checking for the existence of a PTR record is pretty useless, since anyone can put anything they want for IP address space they control.

I agree the PTR existence check is limited now that more generic style PTR records are in place. Once upon a time it was more prevalent for dynamic nodes to have no PTR at all.

AOL is a prime example of a site which does this existence only checking and rejecting. At the time, when Carl Hutzler was at the helm, it was an effective method for them (this was 3-4 years ago IIRC) and it does have a relatively low filtering cost and minimal chance of false positive. I would be interested to hear from the current AOL postmaster team on its effectiveness in current times.

> Pattern matching in an attempt to identify domain names which look funny is something I haven't encountered myself, which is why I qualified it that way.

It is not quite as widespread due to a variety of reasons (regex complexity being right up there I'm sure) but here's a page that describes it in some detail along with some interesting stats.

http://www.mostlygeek.com/2007/02/09/most-effective-header-filtering-rules/

People do claim it's fairly effective, though I, for one, am leery to implement it myself, particularly since our filtering is good enough as it is. Plus, regex starts to hit the CPU more...

>> Fixing this is not as big of a problem as it was a couple years back if you have a business level account.

> Unfortunately, one still encounters problems when there are multiple layers between the person finding the problem and the person who can fix it.

I feel your pain. It still amazes me that sometimes the largest organizations (which typically have the largest budget for experienced I.T. personnel and equipment) are often the worst at managing their network. Sites like ***.com (a major/international GPS/GIS vendor) are doing C/R in an implementation that features egregious backscattering potential, another software vendor had DNS that was completely hosed by a consultant. With some patience and handholding, they were able to fix things.

I'm off to TechEd next week and will definitely be saying ehelo to the Exchange folks. :) Anyone else going?

~JasonG
RE: Hosting Multiple domains in Exchange 2003
Here is the log entry, seems like it might be blacklisted, but I can't find any blacklist that lists us.

2008-06-05 14:02:15 207.115.11.16 OutboundConnectionResponse SMTPSVC1 VM2 - 25 - - 550-67.91.139.138+blocked+by+ldap:ou=rblmx,dc=bellsouth,dc=net 0 0 62 0 260 SMTP - - - -

For the other 2 sites I am immediately kicked to a google search which lists the site as the only result. Clicking on the link gives me a "page can not be displayed" message; however, just now when I tried to verify the errors I had no trouble accessing the site if I use www. If I just type in sealcoatmydrive.com it gives me the google run around, but both are in the host header value in IIS.

Jonathan Gruber
Network Administrator
J.B. Long Inc.
610-944-8840 x.213
484-637-1978 direct
RE: Hosting Multiple domains in Exchange 2003
> Postscript: I do notice that 67.91.139.138 reverses to ip67-91-139-138.z139-91-67.customer.algx.net.. I've heard rumor that some spam filters will consider suspicious any IP address with a reverse DNS that looks like that.

This is much more than rumor. In addition to regex style filters that look for generic/dynamic looking PTRs, more and more sites are also blocking if the PTR does not match the A.

Put it this way, if your relay's PTR does not match its A record it *will* experience delivery issues. This will only get worse so it should be addressed now rather than later.

Fixing this is not as big of a problem as it was a couple years back if you have a business level account. Here in the U.S., even ATT DSL customers can now get their reverse DNS delegated or changed. There are a few 3rd party DNS providers around that will host reverse DNS zones (I can't recommend easyDNS enough for their great support).

Email admins should also be aware of the Spamhaus PBL list which is included in the heavily used zen.spamhaus.org blacklist. You can sign up and authorize the specific nodes in your IP range that relay mail. The PBL attempts to list swaths of the Internet that are used primarily by dynamic or end-user type nodes that shouldn't be sending mail. See: http://www.spamhaus.org/pbl/index.lasso

If these Reverse DNS or Dynamic IP range type issues cannot be addressed, the only other option is to set up your system to relay through a smarthost that is in correctly configured IP space. This would typically be the upstream ISP's mail relay. In Exchange 2003 this is configured in properties of the default SMTP virtual server -> Delivery tab -> Advanced... -> Smart Host field

~JasonG
Re: Hosting Multiple domains in Exchange 2003
+1 to everything that Jason wrote. These conditions are only going to become worse. It behooves you to get with the program sooner than later. Put your DNS ducks in a line.

-- ME2
Re: Hosting Multiple domains in Exchange 2003
On Thu, Jun 5, 2008 at 11:34 AM, Jason Gurtz [EMAIL PROTECTED] wrote:
> This is much more than rumor. In addition to regex style filters that look for generic/dynamic looking PTRs, more and more sites are also blocking if the PTR does not match the A.

The latter is nothing new -- it's called a double reverse lookup. That's been around since at least the mid 1990's.

Indeed, just checking for the existence of a PTR record is pretty useless, since anyone can put anything they want for IP address space they control. I could add a PTR record claiming my server is www.yahoo.com. Checking to make sure the name returned by the PTR lookup itself returns an A record matching the original IP address actually makes sure the forward and reverse DNS agree. (Still of questionable effectiveness -- spammers buy domain names, too -- but at least it's doing *something*.)

Pattern matching in an attempt to identify domain names which look funny is something I haven't encountered myself, which is why I qualified it that way. I did check the IP addresses I indicated, and forward and reverse lookups are consistent for them. But if someone is trying to make blacklist decisions based on how a domain name looks, that's another beast entirely. DNS is still valid in that case.

> Fixing this is not as big of a problem as it was a couple years back if you have a business level account.

Unfortunately, one still encounters problems when there are multiple layers between the person finding the problem and the person who can fix it. Which is not uncommon. One scenario I've encountered at least twice is: I identify a DNS problem, and tell the client about it. They contact the marketing department to find out they've outsourced some Internet marketing activities. I chase that to the marketing contractor, and complain until they put me in touch with their web designer, who in turn says they use a third-party hosting company. I get in touch with the hosting company, who is actually just renting a server from some big colo provider. Then the colo has to forward my request to their ISP. Fun!

-- Ben
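The double reverse lookup and the "generic-looking PTR" pattern matching discussed in this thread, as an added example that is not part of any poster's message and not any filter's actual rule set. The keyword list, the verdict names and the 192.0.2.x / example.* records are assumptions constructed for illustration; the 67.91.139.138 record is the one quoted in the thread, where forward and reverse lookups were reported consistent.

```python
import ipaddress
import re
import socket

# Illustrative keyword list for provider-assigned PTR names (an assumption of
# this example, not the rule set of any particular spam filter).
GENERIC_WORDS = re.compile(
    r"(?:^|[.\-])(?:dyn|dynamic|dhcp|dsl|cable|pool|ppp|dialup|customer)(?:[.\-\d]|$)",
    re.IGNORECASE,
)


def ptr_embeds_address(name, ip):
    """True if an IPv4 address's octets appear in the PTR name, in forward
    or reversed order, separated by '.', '-' or '_'."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4:
        return False
    octets = str(addr).split(".")
    for seq in (octets, octets[::-1]):
        if re.search(r"(?<!\d)" + r"[.\-_]".join(seq) + r"(?!\d)", name):
            return True
    return False


def looks_generic(name, ip):
    """Heuristic only: the name embeds the address or carries an access-network keyword."""
    return ptr_embeds_address(name, ip) or bool(GENERIC_WORDS.search(name))


def check_sender(ip, resolve_ptr, resolve_a):
    """Classify a connecting IP the way a receiving mail server might.

    resolve_ptr(ip) returns a list of PTR names; resolve_a(name) returns a
    list of addresses. Passing the resolvers in keeps the check testable offline.
    """
    target = ipaddress.ip_address(ip)
    names = [n.rstrip(".").lower() for n in resolve_ptr(ip)]
    if not names:
        return {"ip": ip, "ptr": None, "verdict": "no-ptr"}
    # Double reverse lookup: a PTR name counts only if it resolves back to ip.
    confirmed = [
        n for n in names
        if any(ipaddress.ip_address(a) == target for a in resolve_a(n))
    ]
    if not confirmed:
        return {"ip": ip, "ptr": names[0], "verdict": "ptr-mismatch"}
    name = confirmed[0]
    verdict = "fcrdns-ok-generic" if looks_generic(name, ip) else "fcrdns-ok"
    return {"ip": ip, "ptr": name, "verdict": verdict}


def live_ptr(ip):
    """Resolver for real use: PTR names from the system resolver."""
    try:
        host, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:
        return []
    return [host] + aliases


def live_a(name):
    """Resolver for real use: forward addresses from the system resolver."""
    try:
        infos = socket.getaddrinfo(name, None)
    except OSError:
        return []
    return sorted({info[4][0].split("%")[0] for info in infos})


# Constructed sample records so the example runs offline.
SAMPLE_PTR = {
    "67.91.139.138": ["ip67-91-139-138.z139-91-67.customer.algx.net."],  # from the thread
    "192.0.2.10": ["mail.example.org."],   # constructed: consistent, custom name
    "192.0.2.20": ["www.example.com."],    # constructed: PTR claims someone else's name
    "192.0.2.30": [],                      # constructed: no PTR at all
}
SAMPLE_A = {
    "ip67-91-139-138.z139-91-67.customer.algx.net": ["67.91.139.138"],
    "mail.example.org": ["192.0.2.10"],
    "www.example.com": ["198.51.100.7"],
}


def sample_ptr(ip):
    return SAMPLE_PTR.get(ip, [])


def sample_a(name):
    return SAMPLE_A.get(name, [])


if __name__ == "__main__":
    for address in SAMPLE_PTR:
        print(check_sender(address, sample_ptr, sample_a))
```

To audit your own outbound relay address, call `check_sender(ip, live_ptr, live_a)`; a "fcrdns-ok-generic" result means DNS is valid but a pattern-based filter may still score the name.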
Re: Hosting Multiple domains in Exchange 2003
On Thu, Jun 5, 2008 at 12:17 PM, Jonathan Gruber [EMAIL PROTECTED] wrote:
> Here is the log entry, seems like it might be blacklisted, but I can't find any blacklist that lists us.
>
> 2008-06-05 14:02:15 207.115.11.16 OutboundConnectionResponse SMTPSVC1 VM2 - 25 - - 550-67.91.139.138+blocked+by+ldap:ou=rblmx,dc=bellsouth,dc=net 0 0 62 0 260 SMTP - - - -

Well, their server is definitely rejecting you.

The ou=rblmx,dc=bellsouth,dc=net is LDAP-speak for domain context 'bellsouth.net', organizational unit 'rblmx'. So they're apparently running their own, internal blacklist server. That might be fed from other blacklists, or be something entirely of their own construction. Only they know for sure. You'll need to contact them.

A Google search for ou=rblmx,dc=bellsouth,dc=net did find this:

http://worldnet.att.net/general-info/bls_info/block_inquiry.html

Start there.

> For the other 2 sites I am immediately kicked to a google search which lists the site as the only result.

That's Internet Explorer trying to help you. If you're going to be an IT guy, you need to know what's *really* going on. Go into Tools -> Internet Options -> Advanced, and set the following:

Browsing -> Show friendly HTTP error messages = Disabled
Search from the Address bar = Do not search from the address bar

You may also want to install another browser and use that for testing. Internet Explorer has really lousy diagnostics; it tends to give the same message (Cannot find server or DNS Error) for *everything*. I like the Firefox browser.

> however just now when I tried to verify the errors I had no trouble accessing the site if I use www. If I just type in sealcoatmydrive.com it gives me the google run around, but both are in the host header value in IIS.

As I recall, last night, a lookup for www.moyersconstruction.com vs moyersconstruction.com returned two different A records. Likewise for sealcoatmydrive.com. It might have been a mistake on the part of whoever you have doing your hosting.

Right now, I get the same A record for both of them, so perhaps it has been fixed. Try again. If it still does it:

1. Clear your browser cache.
2. Use PING to compare the IP addresses the various different domain names are resolving to.
3. If you find a discrepancy in step 1, use NSLOOKUP to chase the DNS resolution chain back to where the problem is, and clear the DNS resolver cache of the offending system.
4. Try using TELNET to make a manual TCP connection on port 80, and see if you can get through that way.

For step 4, if you're not familiar with the procedure, read http://usertools.plus.net/tutorials/id/21, section entitled Checking a web server.

-- Ben
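A way to pull remote rejections such as the 550 above out of an SMTP protocol log, as an added example that is not part of any poster's message. It assumes only what the quoted line shows: an OutboundConnectionResponse event followed later on the line by the remote reply with spaces written as '+'. The two 192.0.2.25 lines are constructed, and the classification follows the standard SMTP reply classes (4yz transient, 5yz permanent).

```python
import re
from collections import defaultdict

EVENT = "OutboundConnectionResponse"
# Three-digit SMTP reply code, optionally followed by '-' or '+' and the text.
REPLY = re.compile(r"^([2-5]\d\d)(?:[-+](.*))?$")
KINDS = {2: "ok", 3: "intermediate", 4: "transient", 5: "permanent"}

# Second line is the entry quoted in the thread; the other two are constructed.
SAMPLE_LOG = """\
2008-06-05 14:02:14 192.0.2.25 OutboundConnectionResponse SMTPSVC1 VM2 - 25 - - 220+mx.example.net+ESMTP 0 0 24 0 110 SMTP - - - -
2008-06-05 14:02:15 207.115.11.16 OutboundConnectionResponse SMTPSVC1 VM2 - 25 - - 550-67.91.139.138+blocked+by+ldap:ou=rblmx,dc=bellsouth,dc=net 0 0 62 0 260 SMTP - - - -
2008-06-05 14:03:40 192.0.2.25 OutboundConnectionResponse SMTPSVC1 VM2 - 25 - - 451+try+again+later 0 0 19 0 95 SMTP - - - -
"""


def parse_responses(log_text):
    """Return one dict per remote reply found in the log text."""
    entries = []
    for line in log_text.splitlines():
        fields = line.split()
        if line.startswith("#") or EVENT not in fields:
            continue  # header lines and other event types
        # The reply is the first reply-shaped field after the event name.
        for token in fields[fields.index(EVENT) + 1:]:
            match = REPLY.match(token)
            if match:
                code = int(match.group(1))
                entries.append({
                    "time": " ".join(fields[:2]),
                    "remote": fields[2],
                    "code": code,
                    "kind": KINDS[code // 100],
                    "text": (match.group(2) or "").replace("+", " "),
                })
                break
    return entries


def rejections_by_remote(entries):
    """Group 4xx/5xx replies by the remote server that sent them."""
    grouped = defaultdict(list)
    for entry in entries:
        if entry["code"] >= 400:
            grouped[entry["remote"]].append(
                (entry["code"], entry["kind"], entry["text"])
            )
    return dict(grouped)


if __name__ == "__main__":
    for remote, replies in rejections_by_remote(parse_responses(SAMPLE_LOG)).items():
        print(remote, replies)
```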
RE: Hosting Multiple domains in Exchange 2003
Still having the same issue with shirevalleydesign.com and mail to bellsouth.net. The other 2 domains are moyersconstruction.com and sealcoatmydrive.com. Turns out in doing some more looking, we can't access the web sites internally either.

Jonathan Gruber
Network Administrator
J.B. Long Inc.
610-944-8840 x.213
484-637-1978 direct
RE: Hosting Multiple domains in Exchange 2003
Jonathan, I've encountered numerous issues with sending mail to hellsouth.net and the solution every time, regardless of platform, was to create a separate SMTP VS dedicated to Bell.

HTH,
Shook
Re: Hosting Multiple domains in Exchange 2003
On Wed, Jun 4, 2008 at 10:36 AM, Jonathan Gruber [EMAIL PROTECTED] wrote:
> Still having the same issue with shirevalleydesign.com and mail to bellsouth.net.

Hmmm. I just tried running some test probes against the MXes for bellsouth.net. From a real ISP feed, I connected no problem, and got immediate OK responses to MAIL FROM:[EMAIL PROTECTED]. I tried multiple probes against both listed MXes.

However, from my home Comcast feed, I get a hangup before HELO, with the message that I'm blacklisted. It's a 550 code. I'm not sure if Exchange will consider that a permanent failure or not. If not, and you're blacklisted by them, that would explain the delay-then-failure you're seeing.

Try turning on SMTP protocol logging to record a transcript of the SMTP session, and see if bellsouth is rejecting you. If you're not familiar with SMTP protocol logging, this article explains it pretty well:

http://www.msexchange.org/tutorials/Exchange-Server-2003-Mailflow-Part-2.html

You may want to check the IP address your mail server will be sending from to see if it is on any blacklists. I like the site http://www.mxtoolbox.com/blacklists.aspx for doing that.

FWIW, I did run the address your list post came from (24.229.89.2) and the one returned for mail.{shirevalleydesign,moyersconstruction,sealcoatmydrive}.com (67.91.139.138), and both came out clean. Valid PTR records also exist for both.

> The other 2 domains are moyersconstruction.com and sealcoatmydrive.com .

DNS looks good to me. The delegation chain is valid, and I get consistent answers from all nameservers. I also ran ZoneCheck (http://www.zonecheck.fr) against them and it didn't find anything serious. It warned that postmaster@ the domains isn't working, which isn't good, but if BellSouth was rejecting on that they would presumably do so all the time. (Still, you should probably fix your postmaster mailbox.)

> Turns out in doing some more looking, we can't access the web sites internally either.

Not being able to access the web sites probably isn't good, but may or may not be related to your mail problems.

What happens when you try the web sites? Name resolution fails, connection times out, HTTP server error, something else...?

-- Ben
Re: Hosting Multiple domains in Exchange 2003
On Wed, Jun 4, 2008 at 10:26 PM, Ben Scott [EMAIL PROTECTED] wrote:
> ... mail.{shirevalleydesign,moyersconstruction,sealcoatmydrive}.com (67.91.139.138), and both came out clean. Valid PTR records also exist ...

Postscript: I do notice that 67.91.139.138 reverses to ip67-91-139-138.z139-91-67.customer.algx.net.. I've heard rumor that some spam filters will consider suspicious any IP address with a reverse DNS that looks like that. You may want to contact the hosting provider and have them change the PTR record for 67.91.139.138 to something more unique, like mail.shirevalleydesign.com..

-- Ben
Re: Hosting Multiple domains in Exchange 2003
On Fri, May 30, 2008 at 8:33 AM, Jonathan Gruber [EMAIL PROTECTED] wrote:
> Ok I've removed the 2 PTD DNS servers, but my DNS checks still show them listed and mail is still failing. I removed them Wednesday 5/28, I figured 24 hours to propagate but this morning they're still showing up for me.

For a change of registered name servers, you have to wait for:

1. The registrar reseller to process the change (if you're using a reseller (but many registration services are really just resellers))
2. The registrar to process the change
3. The registry to process the change
4. TTL to expire on any cached records

The TTL on the GTLD zones is 48 hours, so you're generally waiting at least two days. Some resellers/registrars can be slow, so 70 or 80 hours is not unheard of.

In any event, the shirevalleydesign.com domain looks like it's okay right now. Both registered nameservers are responding properly, and both return the same zone information. Are you still having trouble sending mail to/from them?

> In addition I've just learned that email from our main company is failing to reach 2 other domains that are hosted on this exchange server. [...] DNS entries are correct for all of the domains.

No offense, but you said that before and you were wrong then. :-)

Post the domain names, and I or others can investigate. The more information you give people, the more likely someone will be able to help you.

-- Ben
Re: Hosting Multiple domains in Exchange 2003
On Fri, May 23, 2008 at 11:20 AM, Jonathan Gruber [EMAIL PROTECTED] wrote:
> A user has sent an email to a bellsouth account using domainb which is also hosted on this server and the mail is timing out.

What's the exact error message? Have you checked Event Viewer for more info? Have you tried using Exchange SMTP diagnostic logging? Have you tried doing the SMTP dialog manually with the TELNET command?

> When a test is sent from domain to the bellsouth.net address it goes through, so I assume that the reverse dns lookup bellsouth is doing is failing.

That doesn't sound like a reverse lookup issue. Reverse lookup is done against the IP address of your mail server. If the problem was with that, it would affect all mail sent from your mail server, regardless of the sender domain name.

It might be that the forward lookup of your domainb.com is slow or faulty. Many SMTP servers check the name submitted in MAIL FROM for validity, so a DNS problem there can cause trouble. If you let us know the actual domainb.com, we could check it.

-- Ben
RE: Hosting Multiple domains in Exchange 2003
DomainB is shirevalleydesign.com

DNS entries are correct as far as I can tell.

ESM error message is "An SMTP protocol error occurred." I get a delay message and then a failure message "Could not deliver the message in the time limit specified."

I can't telnet into mail.bellsouth.net from that server, but I also tried to telnet from a different location and couldn't there either.

Jonathan Gruber
Network Administrator
J.B. Long Inc.
610-944-8840 x.213
484-637-1978 direct
RE: Hosting Multiple domains in Exchange 2003
It looks to me like bellsouth.com uses messagelabs.

bellsouth.com MX preference = 20, mail exchanger = cluster7a.us.messagelabs.com
bellsouth.com MX preference = 30, mail exchanger = cluster7b.us.messagelabs.com
bellsouth.com MX preference = 10, mail exchanger = cluster7.us.messagelabs.com

not sure where you got mail.bellsouth.com
RE: Hosting Multiple domains in Exchange 2003
Also, nslookup -q=mx shirevalleydesign.com from my workstation failed the first time but worked the 2nd - mxtoolbox (www.mxtoolbox.com) failed 3 or 4 times, then worked when looking up the MX. Not completely propagated yet? Or slow DNS response?

-Original Message-
From: Don Andrews [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 27, 2008 2:39 PM
To: MS-Exchange Admin Issues
Subject: RE: Hosting Multiple domains in Exchange 2003

It looks to me like bellsouth.com uses messagelabs.

bellsouth.com MX preference = 20, mail exchanger = cluster7a.us.messagelabs.com
bellsouth.com MX preference = 30, mail exchanger = cluster7b.us.messagelabs.com
bellsouth.com MX preference = 10, mail exchanger = cluster7.us.messagelabs.com

not sure where you got mail.bellsouth.com

-Original Message-
From: Jonathan Gruber [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 27, 2008 2:18 PM
To: MS-Exchange Admin Issues
Subject: RE: Hosting Multiple domains in Exchange 2003

DomainB is shirevalleydesign.com

DNS entries are correct as far as I can tell.

ESM error message is "An SMTP protocol error occurred." I get a delay message and then a failure message "Could not deliver the message in the time limit specified."

I can't telnet into mail.bellsouth.net from that server, but I also tried to telnet from a different location and couldn't there either.

Jonathan Gruber
Network Administrator
J.B. Long Inc.
610-944-8840 x.213
484-637-1978 direct

-Original Message-
From: Ben Scott [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 27, 2008 11:18 AM
To: MS-Exchange Admin Issues
Subject: Re: Hosting Multiple domains in Exchange 2003

On Fri, May 23, 2008 at 11:20 AM, Jonathan Gruber [EMAIL PROTECTED] wrote:
> A user has sent an email to a bellsouth account using domainb which is also hosted on this server and the mail is timing out.

What's the exact error message? Have you checked Event Viewer for more info? Have you tried using Exchange SMTP diagnostic logging? Have you tried doing the SMTP dialog manually with the TELNET command?

> When a test is sent from domain to the bellsouth.net address it goes through, so I assume that the reverse dns lookup bellsouth is doing is failing.

That doesn't sound like a reverse lookup issue. Reverse lookup is done against the IP address of your mail server. If the problem was with that, it would affect all mail sent from your mail server, regardless of the sender domain name.

It might be that the forward lookup of your domainb.com is slow or faulty. Many SMTP servers check the name submitted in MAIL FROM for validity, so a DNS problem there can cause trouble. If you let us know the actual domainb.com, we could check it.

-- Ben
Re: Hosting Multiple domains in Exchange 2003
On Tue, May 27, 2008 at 5:17 PM, Jonathan Gruber [EMAIL PROTECTED] wrote:
> ESM error message is An SMTP protocol error occurred.

That's closer to a real cause. The server you're trying to send to is replying with something your server doesn't like. I'm guessing Exchange thinks the error is a temporary one, and thus queues the mail for retry later. The timeout message you're getting is Exchange saying, "I've tried several times now, and it still won't go through; I'm giving up."

It might be useful to see a transcript of the SMTP session, but before you go to the trouble:

> DomainB is shirevalleydesign.com

It appears you have some "lame delegations" (that's the actual technical term) in your DNS zone. When a DNS resolver encounters a lame delegation, it usually fails the lookup (returns SERVFAIL). Any MX that gets that result will consider the domain non-existent and reject it. Good money says that's your problem.

The GTLD SOA nameserver shows the following delegations for your domain:

$ dig +noall +ans NS shirevalleydesign.com. @a.gtld-servers.net
shirevalleydesign.com. 172800 IN NS dns3.ptd.net.
shirevalleydesign.com. 172800 IN NS dns4.ptd.net.
shirevalleydesign.com. 172800 IN NS ns3.zoneedit.com.
shirevalleydesign.com. 172800 IN NS ns7.zoneedit.com.
$

The two ZoneEdit servers respond with zone information, but the ptd.net servers respond with a referral back to the root. That means those servers believe they are not authoritative for the domain. (Hence "lame delegation"; you've delegated authority to servers which do not believe they are authoritative.)

$ dig +noall +ans +auth ANY shirevalleydesign.com. @dns3.ptd.net
com. 116724 IN NS i.gtld-servers.net.
com. 116724 IN NS j.gtld-servers.net.
com. 116724 IN NS k.gtld-servers.net.
com. 116724 IN NS l.gtld-servers.net.
com. 116724 IN NS m.gtld-servers.net.
com. 116724 IN NS a.gtld-servers.net.
com. 116724 IN NS b.gtld-servers.net.
com. 116724 IN NS c.gtld-servers.net.
com. 116724 IN NS d.gtld-servers.net.
com. 116724 IN NS e.gtld-servers.net.
com. 116724 IN NS f.gtld-servers.net.
com. 116724 IN NS g.gtld-servers.net.
com. 116724 IN NS h.gtld-servers.net.
$

Fix your DNS and try again. Either configure the two ptd.net nameservers with zone information, or remove them as registered nameservers for your domain.

-- Ben
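The lame-delegation check described in the message above, as an added example that is not part of the original thread: it classifies saved `dig +noall +ans +auth` output from each delegated nameserver. The function names are hypothetical, the ptd.net lines are abbreviated from the output quoted above, and the ZoneEdit reply is a constructed sample.

```python
# Added example: flag lame delegations from saved `dig +noall +ans +auth` output.

# Abbreviated from the dns3.ptd.net reply quoted in the message above (3 of 13 lines).
PTD_REPLY = """\
com. 116724 IN NS i.gtld-servers.net.
com. 116724 IN NS j.gtld-servers.net.
com. 116724 IN NS k.gtld-servers.net.
"""
# Constructed sample of a healthy reply; TTL and record set are illustrative only.
ZONEEDIT_REPLY = """\
shirevalleydesign.com. 7200 IN NS ns3.zoneedit.com.
shirevalleydesign.com. 7200 IN NS ns7.zoneedit.com.
"""

def fqdn(name):
    """Normalise a DNS name to lower case with exactly one trailing dot."""
    return name.lower().rstrip(".") + "."

def parse_records(dig_text):
    """Return (owner, rtype) pairs from dig's answer/authority lines."""
    records = []
    for line in dig_text.splitlines():
        fields = line.split(None, 4)
        # Expect: owner TTL class type rdata; skip comments and malformed lines.
        if len(fields) == 5 and fields[1].isdigit() and fields[2].upper() == "IN":
            records.append((fqdn(fields[0]), fields[3].upper()))
    return records

def classify(zone, dig_text):
    """Return 'serves-zone', 'lame', 'no-data' or 'unexpected' for one reply."""
    zone, records = fqdn(zone), parse_records(dig_text)
    if not records:
        return "no-data"
    if any(owner == zone for owner, _ in records):
        return "serves-zone"
    # An upward referral contains only NS records owned by an ancestor of the zone.
    if all(rtype == "NS" and (owner == "." or zone.endswith("." + owner))
           for owner, rtype in records):
        return "lame"
    return "unexpected"

def lame_servers(zone, replies):
    """replies maps each delegated nameserver to its saved dig output."""
    return sorted(ns for ns, text in replies.items() if classify(zone, text) == "lame")

if __name__ == "__main__":
    replies = {"dns3.ptd.net.": PTD_REPLY, "ns3.zoneedit.com.": ZONEEDIT_REPLY}
    print(lame_servers("shirevalleydesign.com", replies))
```

A "no-data" verdict means the status has to be read from the full dig header, which `+noall` suppresses; a stricter check would also confirm the `aa` flag on replies classified as "serves-zone".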
RE: Hosting Multiple domains in Exchange 2003
You just need to verify that reverse DNS for all the domains is correct.

Regards,
Michael B. Smith
MCSE/Exchange MVP
http://TheEssentialExchange.com

From: Jonathan Gruber [mailto:[EMAIL PROTECTED]
Sent: Friday, May 23, 2008 11:20 AM
To: MS-Exchange Admin Issues
Subject: Hosting Multiple domains in Exchange 2003

We are currently hosting multiple domains on an exchange 2003 box and have run into an issue. We set up the box using domain a, and the fqdn listed in the virtual smtp server is mail.domaina.com. A user has sent an email to a bellsouth account using domainb which is also hosted on this server and the mail is timing out. When a test is sent from domain to the bellsouth.net address it goes through, so I assume that the reverse dns lookup bellsouth is doing is failing.

My question is, what is the best way to resolve this, multiple virtual servers, configure external dns servers? I haven't had an issue sending mail to any other domains except bellsouth.net.

Jonathan Gruber
Network Administrator
J.B. Long Inc.
610-944-8840 x.213
484-637-1978 direct
RE: Hosting Multiple domains in Exchange 2003
I think the reverse dns only needs to point to a host record - not aware of any requirement that it contains the sending domain. You might want to ensure your MX for domainb points to the correct host.

From: Jonathan Gruber [mailto:[EMAIL PROTECTED]
Sent: Friday, May 23, 2008 8:20 AM
To: MS-Exchange Admin Issues
Subject: Hosting Multiple domains in Exchange 2003

We are currently hosting multiple domains on an exchange 2003 box and have run into an issue. We set up the box using domain a, and the fqdn listed in the virtual smtp server is mail.domaina.com. A user has sent an email to a bellsouth account using domainb which is also hosted on this server and the mail is timing out. When a test is sent from domain to the bellsouth.net address it goes through, so I assume that the reverse dns lookup bellsouth is doing is failing.

My question is, what is the best way to resolve this, multiple virtual servers, configure external dns servers? I haven't had an issue sending mail to any other domains except bellsouth.net.

Jonathan Gruber
Network Administrator
J.B. Long Inc.
610-944-8840 x.213
484-637-1978 direct