Re: DNS and email problem

Thanks for the powerful feedback. very much so appreciated, yet it may
have been in vain as it appears that other characteristics to the
problem need to be specified before the correct solution can be
applied.

Have consulted with our E-mail service/domain provider and Internet
provider (Adhost.com and Qwest DSL, respectively).

It is quite common for a small business to choose to pay for hosting
services (Adhost.com) rather than do it themselves.

It makes a lot of economic sense, yet it creates a "disconnect"
scenario between the source and destintation hosts with respect to
domain names. And this is where I believe the problem crop up.

For my situation, the following holds true:

1.) The error message shows the static WAN IP address to our router.
This router is in between our SBS and the Internet.

2.) The SBS does not exist as a registered mail server nor does it host
a registered domain name as a web site.

Why do this? Seems to defeat the purpose of SBS. Not really. As a
small office, we chose to use E-mail services from an outside POP mail
server yet at the same time take advantage of using the Public Folders
from Exchange Server and other automated services provided by SBS.

This paid E-mail service provides excellent filtration of viruses of
which once had been a monumental problem. Also, the office does not
wish to have domain registered services "inhouse" as it presents risk
and cost in particular when there is no IT manager on-site full time.
If hosting inhouse, if that E-mail server ever goes down--all incoming
E-mail is bounced. Also, all viruses and spam must be mitigated
inhouse. Not the case with a robust POP provider with IT staff 24/7.

So, the bottom line is that there is no registered domain name of any
kind with the static WAN IP address at our router of which is between
our SBS and the remaining Internet.

We send an E-mail message via the SBS using POP connector specifying
our remote outgoing mail server (mail.adhost.com) as discussed, Comcast
performs a reverse trace, identify's our WAN IP, checks it against DNS
to our domain name, it understandably fails the check as since that WAN
IP is not registered with any domain name, and the E-mail message is
bounced away.

One solution may be to host the E-mail directly from our office. This
is out of the question as discussed risk and expense imposed on the
small business.

Another solution is to take our static WAN IP address and register it
would some domain name. This way, when the DNS test is performed by
Comcast, it does not fail since that IP address is now registered with
a domain name.

Seems it may be any domain name to pass the Comcast reverse lookup test
allthough only Comcast truly knows the applied algorithm for the
reverse lookup.

Our static WAN IP is rented at $15/month from Qwest. As our hosting
service (Adhost) does not own this IP address, the reverse lookup to
our domain name (www.paadvisors.com) can not be applied by Adhost. Our
hosting service referred me to Qwest who owns this IP address.

The technical support from Qwest understood the problem and worked on a
resolution of which may or may not work:
"I associated the domain paadvisors.com to their account paainc
(qwest.net username) while leaving the DNS pointing at the authorative
servers they were already at. All I did was added a reverse lookup for
paadvisors.com back to the IP address they have registered with Qwest.
What that should do is the mail server should do a lookup on the IP and
see in Qwests zone record the IP has a PTR (Reverse DNS) record
pointing to paadvisors.com. They should then see that paadvisors.com
has an MX record going from mail.adhost.com (the
registrar) and see its all set up properly and allow the email. That's
my theory at least."

That's the best I can determine so far. Seems we could fix the problem
by hosting our site with Qwest instead of Adhost although we would like
to avoid doing this. When going with an external host, seems it best
to do it with your ISP of which provides the WAN IP address of which is
traced by Comcast. This keeps the domain hosting IP under the same
owner of the WAN IP allowing for better management.

Anyway, if anyone has a better idea or if I am brain dead on this with
my analysis, please advise on best solution or workaround.

Sincerely,

Fred











2.)


"Jenny wu [MSFT]" wrote:
Hi Bryce,

Thanks for your update. I am glad to know that information is useful to
you. Please feel free to let me know if you have any unclear about the
information. We are glad to help.

Have a nice weekend!

Sincerely,

Jenny Wu
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
From: "Bryce" <fukuzz---at---hotmail---dot---com>
References: <elMv$u9QGHA.5296@xxxxxxxxxxxxxxxxxxxx>
<1141971004.352681.193310@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: DNS and email problem
Date: Fri, 10 Mar 2006 00:24:52 -0800
Lines: 73
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
X-RFC2646: Format=Flowed; Original
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
Message-ID: <#Zs7kvBRGHA.5156@xxxxxxxxxxxxxxxxxxxx>
Newsgroups: microsoft.public.windows.server.sbs
NNTP-Posting-Host: c-67-182-138-190.hsd1.wa.comcast.net 67.182.138.190
Path: TK2MSFTNGXA03.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.gbl
Xref: TK2MSFTNGXA03.phx.gbl microsoft.public.windows.server.sbs:251342
X-Tomcat-NG: microsoft.public.windows.server.sbs

Thanks Jenny for this valuable information.

Fred, I don't think we are the only ones encountering this problem.

Let's share information on this. I'll look at these records tomorrow or on
Monday.

Bryce.


"Fred" <apextester@xxxxxxxxxxx> wrote in message
news:1141971004.352681.193310@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Have exactly the same problem with similar environment. Does it with
particular AOL and Comcast E-mail addresses.

Only thing is, I have been unable to recreate the problem using a
Comcast account.

Configured a Comcast account with full spam filtration and no problem.


Seems there is a wierd spam filter for certain accounts from AOL and
Comcast of which rejects mail sent from an invalid IP address and
domain name association. It may only be doing it with newly created
accounts at Comcast, AOL and others of where a certain query is
executed to filter off illegitmate mail...unfortunately doing it also
to legitimate mail having a bad mail server setting.

Found a link at Comcast of which shed a bit of light having to do with
reverse DNS, yet am still way in the dark on this:

http://www.comcast.net/help/faq/index.jsp?faq=Email118405

There is manager at the SBS of which allows for configuring the DNS of
which is yet another gordian knot from Microsoft to deal with.

Will be up late tonight researching this problem.

If you figure it out, please let me know.

Fred

Bryce wrote:
Hello:

I get emails back with this message: (I assume it's coming from our
exchange
server, maybe?)

---------------------------------------------
Your message did not reach some or all of the intended recipients.
Subject: Our company's name
Sent: 3/9/2006 4:24 PM
The following recipient(s) could not be reached:
'macy.fox@xxxxxxxxxxx' on 3/9/2006 4:24 PM
There was a SMTP communication problem with the recipient's email
server.
Please contact your system administrator.
<ourcompany.org #5.5.0 smtp;521-EHLO/HELO from sender 70.xx.xx.xxx does
not
map to ourcompany.org in DNS>

-------------------------------------


What can I do. It looks like there is a DNS problem on our end?
99% of our email is fine though, but this person can't get anything to
comcast and sometimes to aol accounts.


Bryce.





.