Question : Problem sending to cfl.rr.com domain

I am running Windows 2003 SBS w/ Exchange 2003

Heres the deal.

About 3 weeks ago my users started complaining about getting kickbacks whenver they tried to email any @cfl.rr.com addresses. They were receiving the "Relaying Delayed" message and then eventually a NDR failure report.

I looked into the issue and noticed they did not have a valid reverse PTR so I set that up, I called up RR and told them I had fixed they problem and they informed me that my IP has never been on any blocklist of theres and I should be having no problems emailing them.

Researching further into the problem I realized that due to NAT'ng my exchange server is actually sending out on a diffrent IP than I setup the PTR for, so I attempted to set up a PTR for the correct IP, yet still continue to recieve errors and RR still denies that I am on any blocklist.

I have been bashing my head against the wall trying to figure this out and am getting nowhere. Here is the information I have

the IP which I RDC into the server is 72.17.255.130 (mail.rclawpa.com)

the IP which all the mail appears to be coming from is 72.17.255.61 (this is also what shows up when I go to www.whatsmyip.com)

This is the original kickback

This is an automatically generated Delivery Status Notification.

THIS IS A WARNING MESSAGE ONLY.

YOU DO NOT NEED TO RESEND YOUR MESSAGE.

Delivery to the following recipients has been delayed.

       [email protected]

Which is followed up about a day later by this kickback

Your message did not reach some or all of the intended recipients.

Subject: test
Sent: 3/23/2006 3:41 PM

The following recipient(s) could not be reached:

  [email protected] on 3/25/2006 3:42 PM
  Could not deliver the message in the time limit specified. Please retry or contact your administrator.
 

This is what I get when I try to telnet to clmboh-01.mgw.rr.com (cfls mail server)
220-clmboh-mx-02.mgw.rr.com ESMTP
220 Welcome to Road Runner.  NO UCE *** FOR AUTHORIZED USE ONLY! ***  Please Fix
 your Reverse DNS ***

Here is the correspondence between me and the RR security tech

Message came from IP address 72.17.254.61, James:

> Received: from rcserv1.rclawpa.local (72-17-254-61.orl.fdn.com
>     [72.17.254.61] (may be forged))
>         by security.rr.com (8.12.9/8.12.6) with ESMTP id k2NKdOND017647
>         for ; Thu, 23 Mar 2006 15:39:28 -0500 (EST)

Not blocked here, and never has been in our internal block list, so
far as I can tell:

  http://security.rr.com/cgi-bin/block-lookup?72.17.254.61

However, per our rate limiting policy, this IP would be limited to 10
recipients per hour, as it resolves to a name that not only does not
resolve back to the IP, the name doesn't resolve at all:

  # host 72.17.254.61
  61.254.17.72.in-addr.arpa domain name pointer 72-17-254-61.orl.fdn.com.

  $ host 72-17-254-61.orl.fdn.com
  Host 72-17-254-61.orl.fdn.com not found: 3(NXDOMAIN)

  http://security.rr.com/spam.htm#ratelimit

Get your ISP to create a DNS 'A' record for 72-17-254-61.orl.fdn.com,
resolving to 72.17.254.61, and you should be in better shape.


On Thu, 23 Mar 2006, at 15:39, Administrator wrote:

> Hey Todd,
> Here is an email from the affected server.
>
> Thanks for your help.
>
> -James
>
> ________________________________
>
> From: James Hart [mailto:[email protected]]
> Sent: Thu 3/23/2006 3:33 PM
> To: Administrator
> Subject: FW: [BLOCKINFO] Email being blocked
>
>
>
>
>
> -----Original Message-----
> From: Todd Herr [mailto:[email protected].com]
> Sent: Thursday, March 23, 2006 10:44 AM
> To: James Hart
> Subject: Re: [BLOCKINFO] Email being blocked
>
> Hello, James.
>
> I can't see any issues with IP address 72.17.255.130; it's not now,
> nor has it ever been, in a block list the content for which is under
> Road Runner's control:
>
>   http://security.rr.com/cgi-bin/block-lookup?72.17.255.130
>
> The error message below "Please Fix your Reverse DNS" is one that
> our servers would generate if the reverse DNS record for the IP
> connecting to them resolved to a name ending in 'in-addr.arpa'; this
> IP doesn't seem to be so afflicted:
>
>   # host 72.17.255.130
>   130.255.17.72.in-addr.arpa domain name pointer mail.rclawpa.com.
>
> Have you taken steps to get this IP's PTR record updated between
> the time you sent the message below and now?  If not, can you please
> send me a message from the server having issues?  My mailbox refuses
> mail from no one, regardless of the block status or PTR record of
> the server.
>
> On Thu, 23 Mar 2006, at 09:19, James Hart wrote:
>
> > Our company is experiencing kickbacks whenever we try to email a
> > @cfl.rr.com address. I noticed that we did not have a reverse DNS
> setup
> > and got that all fixed. However, We still are receiving the kickbacks.
> > Here is the information I gleaned from telnetting to your mail
> servers.
> >
> >
> >
> >  220-orngca-mx-10.mgw.rr.com ESMTP
> >
> > 220 Welcome to Road Runner.  NO UCE *** FOR AUTHORIZED USE ONLY! ***
> > Please Fix
> >
> >  your Reverse DNS ***
> >
> >
> >
> > The IP I am trying to connect from is 72.17.255.130 and the domain is
> > mail.rclawpa.com
> >
> >
> >
> > Please let me know if there is any problem remaining that we need to
> > take care of.
> >
> > James Hart



Sorry this post is so long but I wanted to inclue all information I have gleaned from this problem so far, Any help is much appreciated

Answer : Problem sending to cfl.rr.com domain

Your server is announcing itself as an invalid name.

http://www.dnsreport.com/tools/dnsreport.ch?domain=rclawpa.com

ESM, Servers, , Protocols, SMTP. Right click on the default SMTP VS and choose Properties. Click on the tab "Delivery" and choose Advanced. Change the FQDN to match what your server is known ass on the Internet -
MAIL.rclawpa.com

Simon.
Random Solutions  
 
programming4us programming4us