Solved: Email bounced by destination server. Reason:5.1.0 - Unknown address error ('550', [Sorry, your HELO/...

Mady · ‎10-06-2016

Hi,

Our email message bounced back from particular destination domain. We can send email to them before but suddenly our email bounced back and these error appeared on message tracking.

Email bounced by destination server. Reason:5.1.0 - Unknown address error ('550', [Sorry, your HELO/EHLO greeting must resolve (#5.7.1)']

-

message to user.domain.com delayed. Reason 4.4.0 - Other network problem ('000', ['[Errno 54] Connection reset by peer']]

-

message to user.domain.com delayed. Reason 4.4.2 - Bad connection ('000', [Connection Lost']]

Thanks for your help!

Regards,

Mady

dmccabej · ‎10-06-2016

Hello,

Thanks for the info. Would the ironport.samedomain.com hostname also be resolable via DNS? It's typically best practice to have your IP interface hostname match your MX record, so you may wish to switch that to mail.samedomain.com. Or, you can also make sure you have proper forward/reverse lookups in place in your public DNS for ironport.samedomain.com.

Hope that helps. :)

Thanks!

-Dennis M.

View solution in original post

dmccabej · ‎10-06-2016

Hello,

The "Email bounced by destination server. Reason:5.1.0 - Unknown address error ('550', [Sorry, your HELO/EHLO greeting must resolve (#5.7.1)']" error typically refers to the recipient server not being able to perform a DNS lookup on your connecting hostname. This would be the hostname of the IP interface for whichever is performing the delivery on your ESA.

Are you still having issues sending email to this domain? If so, I would make sure the IP interface FQDN you're using is resolvable via public DNS.

Thanks!

-Dennis M.

Mady · ‎10-06-2016

Hi Dennis,

Thanks for the quick response. :)

On Network > IP Interface, Data1 is configured as private IP address. We have public IP for the ESA and checked it on mxtoolbox. It is resolvable on the public and has rDNS.

Regards,

Mady

dmccabej · ‎10-06-2016

Hello,

You're very welcome! :)

What I meant was the hostname and not the IP address. This would be under Network --> IP Interfaces --> Hostname. What is that set to? Are you still seeing delivery issues to this domain?

Thanks!

-Dennis M.

Mady · ‎10-06-2016

The hostname was set to ironport.samedomain.com if I used mxtoolbox - public IP resolvable to mail.samedomian.com.

dmccabej · ‎10-06-2016

Hello,

Thanks for the info. Would the ironport.samedomain.com hostname also be resolable via DNS? It's typically best practice to have your IP interface hostname match your MX record, so you may wish to switch that to mail.samedomain.com. Or, you can also make sure you have proper forward/reverse lookups in place in your public DNS for ironport.samedomain.com.

Hope that helps. :)

Thanks!

-Dennis M.

Mady · ‎10-06-2016

Hi,

So we need to replace the Netwok> IP to its external IP which was resolvable outside?

Mady · ‎10-06-2016

Hi,

Apologies Im a bit confuse. :)

So what should we replace here? And why is it that we cannot send only on one particular domain.

Set on Network> Interface

ironport.samedomain.com - 192.168.1.1

If I check on mxtoolbox

mail.samedomian.com - 134.116.29.160

Thank you so much!:)

- Mady

Libin Varghese · ‎10-07-2016

Hi Mady,

I agreed with Dennis. The only change required would be to update the hostname of the interface used to send emails to the domain to match your public MX record.

The internal IP can continued to be used and does not need to be updated on the interface.

So the interface would be

mail.samedomian.com - 192.168.1.1

The reason for this error to be seen on a single domain is that the destination mail server administrator requires, by site policy, that your HELO should be a resolvable FQDN.

This is a fairly common requirement which is based on the observation that non-resolving HELOs are more likely to send spam.

Hope this clears up any confusion.

Thanks

Libin Varghese

dmccabej · ‎10-06-2016

Hello,

Nope, definitely don't do that. :)

You need to change the hostname, not the IP address. The hostname needs to be resolvable via a public DNS forward lookup. The hostname listed on your IP interface is what is being shown to the server you're connecting to. That server you're connecting to is then trying to perform a forward DNS lookup on that hostname, which is most likely not resolving because you're public record is mail.samedomain.com and not ironport.samedomain.com.

I would probably suggest opening up a TAC case so the available engineer can confirm you're settings and assist with the change if needed.

Thanks!

-Dennis M.

Mady · ‎10-06-2016

Hi Dennis,

Thanks for the help really appreicate it!:)

Regards,

Mady

dmccabej · ‎10-07-2016

Hello,

You're welcome! Hopefully it helped! :)

Thanks

-Dennis M.