AOL refusing connections from our Exchange Server
Patrick Rouse
(same company now) T1 connection. Since the change AOL has been blocking
connections "from" our Exchange Server.
The Public IP Address that forwards to our internal Exchange Server is the
registered MX Record for our domain, and I've checked ordb.org for open
relays. I've also sent an eamil to the administrative contact registered with
AOL, but got no response (not that I really expected one).
Any ideas how to get this resolved? Perhaps I won't get email from AOL
anymore :)
--
Patrick Rouse
Microsoft MVP - Terminal Server
http://www.sessioncomputing.com
Neil Hobson [MVP]
--
Neil Hobson
Exchange MVP
"Patrick Rouse" <Patric...@discussions.microsoft.com> wrote in message
news:75D47118-380B-463D...@microsoft.com...
a@tleederbyshired.0.tc.0.m Lee Derbyshire
news:75D47118-380B-463D...@microsoft.com...
Try the DNS Report test (on the left) here http://www.dnsreport.com/ . If,
for example, you don't have reverse DNS, they won't like that at all.
Lee.
--
___________________________________
Outlook Web Access for PDA and WAP:
www.leederbyshire.com
___________________________________
Patrick Rouse
and I have access to change A, CName, MX, TXT and SPF Records. I have an A
Record that is exchange.domainname.com and the IP Address, and I have an MX
Record that equals this same IP Address.
AT&T said they were transferring DNS Control of the IP Address Block to my
public DNS, but I don't know if that's complete, or what to do when it is.
From what I know a PTR is a reverse lookup, i.e. 1.2.3.4 would be
4.3.2.1.IN-ADDR.ARPA.
--
Patrick Rouse
Microsoft MVP - Terminal Server
http://www.sessioncomputing.com
Patrick Rouse
with the one listed below with a priority of "0". I don't use the other two.
I have logging enabled on the Default SMTP Virtual Server, but don't see the
reason why the connection is being dropped. Results below:
MX:
Your 3 MX records are:
0 exchange.comg.com. [TTL=3600] IP=12.106.81.194 [TTL=3600] [US]
10 smtp.secureserver.net. [TTL=3600] IP=64.202.166.12 (No Glue) [TTL=1993]
[US]
10 mailstore1.secureserver.net. [TTL=3600] IP=64.202.166.11 (No Glue)
[TTL=1993] [US]
OK. The IPs of all of your mail server(s) have reverse DNS (PTR) entries.
RFC1912 2.1 says you should have a reverse DNS for all your mail servers. It
is strongly urged that you have them, as many mailservers will not accept
mail from mailservers with no reverse DNS entry. Note that this information
is cached, so if you changed it recently, it will not be reflected here (see
the www.DNSstuff.com Reverse DNS Tool for the current data). The reverse DNS
entries are:
194.81.106.12.in-addr.arpa 194.81.106.12.in-addr.arpa. [TTL=172800]
12.166.202.64.in-addr.arpa smtp.secureserver.net. [TTL=1994]
11.166.202.64.in-addr.arpa mailstore1.secureserver.net. [TTL=1993]
Mail:
WARN Mail server host name in greeting WARNING: One or more of your
mailservers is claiming to be a host other than what it really is (the SMTP
greeting should be a 3-digit code, followed by a space or a dash, then the
host name). This probably won't cause any harm, but is a technical violation
of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP
greeting should have an A record pointing back to the same server.
smtp.secureserver.net claims to be host
pre-smtp05-02.prod.mesa1.secureserver.net [but that host is at 64.202.166.15,
not 64.202.166.12].
mailstore1.secureserver.net claims to be host
pre-smtp02-01.prod.mesa1.secureserver.net [but that host is at 64.202.166.25,
not 64.202.166.11].
FAIL Acceptance of postmaster address ERROR: One or more of your mailservers
does not accept mail to postm...@comg.com. Mailservers are required (RFC822
6.3, RFC1123 5.2.7, and RFC2821 4.5.1) to accept mail to postmaster.
smtp.secureserver.net's postmaster response: >>> RCPT
TO:<postm...@comg.com> <<< 553 sorry, relaying denied from your location
[66.36.241.109] (#5.7.1) mailstore1.secureserver.net's postmaster response:
>>> RCPT TO:<postm...@comg.com> <<< 553 sorry, relaying denied from your
location [66.36.241.109] (#5.7.1)
WARN Acceptance of abuse address WARNING: One or more of your mailservers
does not accept mail to ab...@comg.com. Mailservers are expected by RFC2142
to accept mail to abuse.
smtp.secureserver.net's abuse response:
>>> RCPT TO:<ab...@comg.com>
<<< 553 sorry, relaying denied from your location [66.36.241.109] (#5.7.1)
mailstore1.secureserver.net's abuse response:
>>> RCPT TO:<ab...@comg.com>
<<< 553 sorry, relaying denied from your location [66.36.241.109] (#5.7.1)
WARN SPF record Your domain does not have an SPF record. This means that
spammers can easily send out E-mail that looks like it came from your domain,
which can make your domain look bad (if the recipient thinks you really sent
it), and can cost you money (when people complain to you, rather than the
spammer). You may want to add an SPF record ASAP, as 01 Oct 2004 was the
target date for domains to have SPF records in place (Hotmail, for example,
started checking SPF records on 01 Oct 2004).
--
Patrick Rouse
Microsoft MVP - Terminal Server
http://www.sessioncomputing.com
Patrick Rouse
Sent:
ehlo comg.com
Received:
250-rly-yb05.mx.aol.com peer name unknown
250 HELP
Sent:
mail from: <em...@domainname.com>
Received:
250 OK
Sent:
rcpt to: <reci...@aol.com>
Received:
250 OK
Sent:
quit
Received:
221 SERVICE CLOSING CHANNEL
Successfully connected to mailin-02.mx.aol.com.
Connecting to mailin-01.mx.aol.com [205.188.158.121] on port 25.
Received:
220-rly-yi06.mx.aol.com ESMTP mail_relay_in-yi6.5; Fri, 20 Jan 2006 12:52:10
-05
00
220-America Online (AOL) and its affiliated companies do not
220- authorize the use of its proprietary computers and computer
220- networks to accept, transmit, or distribute unsolicited bulk
220- e-mail sent from the internet. Effective immediately: AOL
220- may no longer accept connections from IP addresses which
220 have no reverse-DNS (PTR record) assigned.
a@tleederbyshired.0.tc.0.m Lee Derbyshire
news:75D47118-380B-463D...@microsoft.com...
Have a look at AOLs policy and troubleshooting page:
http://postmaster.aol.com/trouble/
Patrick Rouse
to see if they will add the appropriate reverse-dns record for the IP Address
of my SMTP Server. I don't have access to this in their Web Interface.
--
Patrick Rouse
Microsoft MVP - Terminal Server
http://www.sessioncomputing.com
a@tleederbyshired.0.tc.0.m Lee Derbyshire
> It appears to be a lack of PTR Record. I've opened a ticket with
> godaddy.com
> to see if they will add the appropriate reverse-dns record for the IP
> Address
> of my SMTP Server. I don't have access to this in their Web Interface.
>
> --
> Patrick Rouse
> Microsoft MVP - Terminal Server
> http://www.sessioncomputing.com
It's not the sort of thing you can change, unless you manage your own
(publicly authoritative) DNS server. Hopefully they will be responsive.
Patrick Rouse
my SMTP Virtual Server as a smart host, so it'll send thru their system if
mine can't deliver it directly.
--
Patrick Rouse
Microsoft MVP - Terminal Server
http://www.sessioncomputing.com