SMTP FQDN domain name does not match DNS resolved server name

Discussion in 'DNS Server' started by TOP, Mar 12, 2008.

  1. TOP

    TOP Guest

    I've been having intermittent email problems for a while. Messages are being
    delayed by a number of hours or are being lost completely. I think DNS is
    the culprit.

    SBS 2003 SP2 Premium but with ISA and SQL not running.
    Exchange 2003 SP2
    Clients are mostly Outlook 2003 with a few new Outlook 2007 clients

    I ran the Exchange Troubleshooting Assistant and had the following two
    errors returned:
    1. SMTP instance fully-qualified domain name does not match DNS resolved
    server name
    2. SMTP instance fully-qualified domain name does not match server name

    1. The TechNet article says the AD directory service is queried for the
    value of msExchSmtpFullyQualifiedDomainName from the Default SMTP virtual
    server object. It also tries a DNS query against the DNS servers for the
    FQDN of the Exchange server.

    I'm not sure if it's querying my internal DNS server (also the Exchange box)
    or my ISP's DNS servers.

    To solve the problem I'm given two options
    A. Change the value of msExchSmtpFullyQualifiedDomainName to match the
    DNS FQDN
    B. Configure the Exchange server DNS FQDN to match the value of
    msExchSmtpFullyQualifiedDomainName.

    I was also told separately by a MSFT professional in the Exchange forum to
    check the value in the ADSIEDIT MSC (CN=Configuration,DC=Domain,DC=local ->
    CN=Services -> CN=Microsoft Exchange -> CN=ORG -> CN=Administrative
    Groups -> CN=SITE -> CN=Servers -> CN=MAILSERVER -> CN=Protocols ->
    CN=SMTP -> CN=1) and make sure to set that to my domain name, which it
    already is. Is this value supposed to be the FQDN for my exchange server, or
    just my domain name?

    It's set to company.net (not sbs.company.net or mail.company.net--both of
    which are listed as A records in our DNS file with our ISP and our internal
    DNS server (same machine))

    2. Pretty much the same issue and same question.

    Should the value of it msExchSmtpFullyQualifiedDomainName be company.net or
    host.company.net. And what am I supposed to be comparing it to, our ISP's
    DNS records or our DNS server's records.

    FWIW, if I go to My Computer > Properties > Computer Name the server's name
    is listed as sbs.organization.local, not sbs.company.net

    Thanks in advance
     
    TOP, Mar 12, 2008
    #1
    1. Advertisements

  2. TOP

    RW Guest

    my question for you is on your Firewall do you have 1-to-1 NAT mapping? are
    you sending email from exchange directly to the internet or throught 3rd
    party smart host? when your email goes out and is delivered to another person
    ask this person to get header of your email and send to you (or you can send
    to your external private email account one that will let you either see
    source of email or use outlook as POP client and once your email is received
    by outlook you can get header from there) once you have that you can see
    public IP address you sending from (but you should know this now) and FQDN
    associated with it, purpose of it is to see if you have PTR defined by your
    ISP to match your EXCH server name. If RDNS is failing many domains will not
    accept your emails.
    do you have PTR for your exchange public IP
    RW
     
    RW, Mar 12, 2008
    #2
    1. Advertisements

  3. TOP

    TOP Guest

    Thanks for the reply.

    I forgot to mention that we have a spam server on-site that the Exchange
    server forwards to as a smart host. The spam server has the higher
    preference MX record and accepts all mail from outside, scans it, and passes
    it on to Exchange. Exchange does have an MX record but I have my PIX 505
    firewall blocking smtp traffic to the exchange server.

    This Monday I took the spam server out of the loop, took out the smart host
    forwarding, and enabled smtp to Exchange at the firewall, but was still
    having some emails delayed or lost. I'm not sure how often it's happening...
    maybe 1% of the emails?

    The PIX NATs the Exchange server and the spam server to external IP
    addresses.
    Exchange (hostname sbs) 192.168.1.3 => 1.2.3.59
    Spam (hostname mail2) 192.168.1.6 => 1.2.3.43

    Here is some of the header information from a message I sent to a hotmail
    account: It arrived quickly.

    X-SID-PRA: Administrator <>
    Received: from mail2.company.net ([1.2.3.43]) by
    bay0-mc9-f22.bay0.hotmail.com
    ^^^^^mail2 is the spam server, and the public address is correct^^^^^^
    Received: from company.net ([192.168.1.3]) by mail2.company.net
    ^^^^^company.net is the domain. The private IP listed here is for the
    Exchange server, and mail2 is spam server^^^^^^
    Subject: test to hotmail
    Message-ID: <>
    ^^^^^sbs.organization.local is the exchange server^^^^^^^
    From: "Administrator" <>
    To: <>
    Return-Path:

    I requested a copy of our DNS records from my ISP this week. Everything
    looks correct. I'll paste portions below:

    mail IN A 1.2.3.59
    mail2 IN A 1.2.3.43
    sbs IN A 1.2.3.59
    www IN A 1.2.3.41

    @ IN MX 10 mail.company.net.
    @ IN MX 5 mail2.company.net.

    And the PTR records:

    43 IN PTR mail2.company.net.
    59 IN PTR mail.company.net.
    59 IN PTR sbs.company.net.
     
    TOP, Mar 12, 2008
    #3
  4. TOP

    TOP Guest

    We just had an email come in three hours late. Header is below:

    Received: from mail2.company.net ([192.168.1.6]) by company.net
    Received: from cc.sprintspectrum.com ([8.8.7.4]) by mail2.company.net
    Received: from [9.4.10.2] by cc.sprintspectrum.com
    with ESMTPA id <>
    From: John <>
    Subject: Re: 12:30 lunch
    In-reply-to: <>
    Sender:
    To: AB <>
    Message-id: <>
    References: <>
    Return-Path:
     
    TOP, Mar 12, 2008
    #4
  5. TOP

    RW Guest

    OK, so I have better understanding what your prolem is. Sounds like and
    correct me if I'm wrong you have issue with email being delayed only while
    receiving emails but not when sending, is that right? so couple of questions:
    How do you know delay is on your end? I'm assuming your smart host should
    have some reporting/logging functionality why don't you focus on single
    instance reported to you by user and track it down search smart host for
    particular email look at the time it arrived, then see what time you see same
    email at Exchange and finally user mail box. Is delay anywhere between one of
    these hoops? I'm just guessing but do you see in example that smart host is
    accepting email at let say 1 PM and you do not see it at exch untill 4 PM ?
    pehaps this is not your end issue.
    Here is my quick story we had situation where a user reported that he is
    sending email to A domain and person on the other end does not see it until
    30 minutes later, we were able find out that email is sent by our user then
    routed by smtp server to smart host in eye blink and almost same time we saw
    handshake with external mail server recorded by mean of their public IP all
    events in lest then 1 minute after that it is out of our responsabilities,
    what they do with it after that and why it takes 30 min to route to their
    users I do not want to know. reason I'm saying this is that you should be
    able to see email fllow at you end from connection with external mail server,
    your exchange and finally client. Perhaps 3 hours delay you see is because
    your smart host is not even being connected by external server within this
    time frame, if that is the case you should be easily able to push this on the
    other side of the court and contact IT from other end ask for log proof that
    they not delay it, sort of my story above. If they can proof that email is
    sent by their user at 1 PM and tey have log showing contact with your mail
    server at 1 PM but your user does not see it till 4 PM then you have problem.
    you have no issues receiving email from most domain in timly fashion so does
    not sounds like your server is to busy, only other reason I see is that your
    smart host is seeing sender domain as suspected spamer and defer connection I
    cannot tell much aout this domain because you have modified data so I do not
    know if this cc.sprintspectrum.com is real host or not but if it is that is
    odd because there is no A nor PTR record for his host.
    do not know what 3rd party smart host you use so cannot tell what type of
    rules are there either. If you know what domains you have this problem with
    try to white list them in your smart host which should by pass all rules to
    see if this makes any difference if so and that fix it then most likely your
    smart host does not like how this domain(s) is configured and defer
    connection.
    I would start from faining out email fllow on your end, check time recorded
    for this particular email.

    BTW, and this is more for your outgoing email then incoming and since you
    have no issues with this part I would not worry about it and again not sure
    which part of email header was modified by you and which one is real but why
    do you have at one point "by company.net" which would indicate you have your
    public domain in exch virtual server dns name field and then you have
    "@sbs.organization.local" in message ID ? in any case I would change
    company.net to sbs.organization.local since you showing private IP in email
    header, or create rules on firewall to hide private IP and show public IP for
    exch server in email header then I would change virtus server dns name to
    host_name.company.net, does this make sense?

     
    RW, Mar 14, 2008
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.