10-06-2016 09:06 PM
Hi,
Our email message bounced back from particular destination domain. We can send email to them before but suddenly our email bounced back and these error appeared on message tracking.
Email bounced by destination server. Reason:5.1.0 - Unknown address error ('550', [Sorry, your HELO/EHLO greeting must resolve (#5.7.1)']
-
-
message to user.domain.com delayed. Reason 4.4.0 - Other network problem ('000', ['[Errno 54] Connection reset by peer']]
-
-
message to user.domain.com delayed. Reason 4.4.2 - Bad connection ('000', [Connection Lost']]
Thanks for your help!
Regards,
Mady
Solved! Go to Solution.
10-06-2016 10:07 PM
Hello,
Thanks for the info. Would the ironport.samedomain.com hostname also be resolable via DNS? It's typically best practice to have your IP interface hostname match your MX record, so you may wish to switch that to mail.samedomain.com. Or, you can also make sure you have proper forward/reverse lookups in place in your public DNS for ironport.samedomain.com.
Hope that helps. :)
Thanks!
-Dennis M.
10-06-2016 09:30 PM
Hello,
The "Email bounced by destination server. Reason:5.1.0 - Unknown address error ('550', [Sorry, your HELO/EHLO greeting must resolve (#5.7.1)']" error typically refers to the recipient server not being able to perform a DNS lookup on your connecting hostname. This would be the hostname of the IP interface for whichever is performing the delivery on your ESA.
Are you still having issues sending email to this domain? If so, I would make sure the IP interface FQDN you're using is resolvable via public DNS.
Thanks!
-Dennis M.
10-06-2016 09:47 PM
Hi Dennis,
Thanks for the quick response. :)
On Network > IP Interface, Data1 is configured as private IP address. We have public IP for the ESA and checked it on mxtoolbox. It is resolvable on the public and has rDNS.
Regards,
Mady
10-06-2016 09:53 PM
Hello,
You're very welcome! :)
What I meant was the hostname and not the IP address. This would be under Network --> IP Interfaces --> Hostname. What is that set to? Are you still seeing delivery issues to this domain?
Thanks!
-Dennis M.
10-06-2016 10:01 PM
The hostname was set to ironport.samedomain.com if I used mxtoolbox - public IP resolvable to mail.samedomian.com.
10-06-2016 10:07 PM
Hello,
Thanks for the info. Would the ironport.samedomain.com hostname also be resolable via DNS? It's typically best practice to have your IP interface hostname match your MX record, so you may wish to switch that to mail.samedomain.com. Or, you can also make sure you have proper forward/reverse lookups in place in your public DNS for ironport.samedomain.com.
Hope that helps. :)
Thanks!
-Dennis M.
10-06-2016 10:11 PM
Hi,
So we need to replace the Netwok> IP to its external IP which was resolvable outside?
10-06-2016 10:18 PM
Hi,
Apologies Im a bit confuse. :)
So what should we replace here? And why is it that we cannot send only on one particular domain.
Set on Network> Interface
ironport.samedomain.com - 192.168.1.1
If I check on mxtoolbox
mail.samedomian.com - 134.116.29.160
Thank you so much!:)
- Mady
10-07-2016 06:19 AM
Hi Mady,
I agreed with Dennis. The only change required would be to update the hostname of the interface used to send emails to the domain to match your public MX record.
The internal IP can continued to be used and does not need to be updated on the interface.
So the interface would be
mail.samedomian.com - 192.168.1.1
The reason for this error to be seen on a single domain is that the destination mail server administrator requires, by site policy, that your HELO should be a resolvable FQDN.
This is a fairly common requirement which is based on the observation that non-resolving HELOs are more likely to send spam.
Hope this clears up any confusion.
Thanks
Libin Varghese
10-06-2016 10:22 PM
Hello,
Nope, definitely don't do that. :)
You need to change the hostname, not the IP address. The hostname needs to be resolvable via a public DNS forward lookup. The hostname listed on your IP interface is what is being shown to the server you're connecting to. That server you're connecting to is then trying to perform a forward DNS lookup on that hostname, which is most likely not resolving because you're public record is mail.samedomain.com and not ironport.samedomain.com.
I would probably suggest opening up a TAC case so the available engineer can confirm you're settings and assist with the change if needed.
Thanks!
-Dennis M.
10-06-2016 10:30 PM
Hi Dennis,
Thanks for the help really appreicate it!:)
Regards,
Mady
10-07-2016 06:02 AM
Hello,
You're welcome! Hopefully it helped! :)
Thanks
-Dennis M.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide