5.7.1 Relaying denied B/C of incorrect domain resolution??

5.7.1 Relaying denied B/C of incorrect domain resolution??

Post by Stev » Sun, 18 May 2003 00:22:02



I have Exchange 2000 SP3 running on a Windows 2000 domain.
I'm having random outbound messages fail with a 5.7.1
Relaying Denied error message. This happens two to three
messages per day. Troubleshooting on the problem started
with smtp logging. As you can see from the log (see log
blurb at end of message)the SMTP server connected to the
wrong SMTP server (w255.web2010.com) for the domain it was
sending mail to (heathconstruction.com). Everything I have
read points to a dns problem. We have two DNS servers on
our network that forward requests to our T1 providers DNS
server (AT&T in this case). I turned on logging on both
servers to see if I could tell where the failure was. I
reviewed the DNS cache in this case and found web2010.com
in the cache with NO MX or mail record. I went to the logs
on both servers and found no attempt to resolve a MX (or
any other) record for the web2010.com server. At this
point I have no idea where the SMTP server got the
web2010.com address. The Exchange server is set to use the
internal DNS servers. There are no DNS servers set in the
SMTP service. I've tested, retested, and reviewed the DNS
configuration and can't find anything wrong. Doing a
NSLOOKUP on domains that fail returns the correct
information. Also, in this case the person resent the mail
after it failed and it worked flawlessly. I could see MX
records for heathconstruction.com and reviewing the DNS
logs showed the lookup for heathconstruction.com MX record
during the second attempt. Every time this has failed it
has been the same thing. The SMTP server that the SMTP
service has used has not been correct for the domain it
was trying to send too. Any idea where to look or what to
log to find out why it randomly connects to the wrong SMTP
server for the domain it is sending too? Also should
mention that this has happened with popular domains also.
Aol and hotmail for example.
Thank you in advance.
2003-05-16 13:08:26 - OutboundConnectionResponse SMTPSVC1
STEEL - 25 - -
220+w255.web2010.com+ESMTP+Sendmail+8.12.9/8.9.0;+Fri,+16+M
ay+2003+09:07:21+-0400+(EDT) -
2003-05-16 13:08:26 w255.web2010.com
OutboundConnectionCommand SMTPSVC1 STEEL - 25 EHLO -
mail.chiefind.com -
2003-05-16 13:08:26 w255.web2010.com
OutboundConnectionResponse SMTPSVC1 STEEL - 25 - - 250-
w255.web2010.com+Hello+mail.chiefind.com+
[209.36.195.200],+pleased+to+meet+you -
2003-05-16 13:08:26 w255.web2010.com
OutboundConnectionCommand SMTPSVC1 STEEL - 25 MAIL -

2003-05-16 13:08:26 w255.web2010.com
OutboundConnectionResponse SMTPSVC1 STEEL - 25 - -

2003-05-16 13:08:26 w255.web2010.com
OutboundConnectionCommand SMTPSVC1 STEEL - 25 RCPT -

2003-05-16 13:08:26 w255.web2010.com
OutboundConnectionResponse SMTPSVC1 STEEL - 25 - -

-
2003-05-16 13:08:26 w255.web2010.com
OutboundConnectionCommand SMTPSVC1 STEEL - 25 RSET - - -
2003-05-16 13:08:26 w255.web2010.com
OutboundConnectionResponse SMTPSVC1 STEEL - 25 - -
250+2.0.0+Reset+state -
2003-05-16 13:08:27 w255.web2010.com
OutboundConnectionCommand SMTPSVC1 STEEL - 25 QUIT - - -
2003-05-16 13:08:27 w255.web2010.com
OutboundConnectionResponse SMTPSVC1 STEEL - 25 - -
221+2.0.0+w255.web2010.com+closing+connection -
 
 
 

5.7.1 Relaying denied B/C of incorrect domain resolution??

Post by Niko » Fri, 30 May 2003 00:13:28


To be completely honest, and after reading your "book" (I
don't mean that negativly as I do the same - the more info
the better), I do not think that the issue lies with you
at all.

The 5.7.1 code is a relay restriction error message, i.e.
sender of the message does not have permissions necessary
to deliver, trying to relay through another SMTP server
that does not permit relaying, or the particular recipient
(s) have mailbox delivery restrictions enabled.

Since you've checked all that (can't remember if you
stated that or not, specifically), and all is how it
should be, it is more/less out of your hands. You said it
is happening only 2/3 messages per day. It happens... The
more "traffic", for example, can cause failures for no
apparent reason. Since the messages re-send without error,
count your blessings.

Should you be having the failure on EVERY message, or have
your SMTP queue backed up with retry's, then I'd start to
look at an internal problem. But, because of the sporatic
nature of the issue, I'm confident to say that your
config's are OK.

Hope this puts your mind at ease -
Niko

>-----Original Message-----
>I have Exchange 2000 SP3 running on a Windows 2000
domain.
>I'm having random outbound messages fail with a 5.7.1
>Relaying Denied error message. This happens two to three
>messages per day. Troubleshooting on the problem started
>with smtp logging. As you can see from the log (see log
>blurb at end of message)the SMTP server connected to the
>wrong SMTP server (w255.web2010.com) for the domain it
was
>sending mail to (heathconstruction.com). Everything I
have
>read points to a dns problem. We have two DNS servers on
>our network that forward requests to our T1 providers DNS
>server (AT&T in this case). I turned on logging on both
>servers to see if I could tell where the failure was. I
>reviewed the DNS cache in this case and found web2010.com
>in the cache with NO MX or mail record. I went to the
logs
>on both servers and found no attempt to resolve a MX (or
>any other) record for the web2010.com server. At this
>point I have no idea where the SMTP server got the
>web2010.com address. The Exchange server is set to use
the
>internal DNS servers. There are no DNS servers set in the
>SMTP service. I've tested, retested, and reviewed the DNS
>configuration and can't find anything wrong. Doing a
>NSLOOKUP on domains that fail returns the correct
>information. Also, in this case the person resent the
mail
>after it failed and it worked flawlessly. I could see MX
>records for heathconstruction.com and reviewing the DNS
>logs showed the lookup for heathconstruction.com MX
record
>during the second attempt. Every time this has failed it
>has been the same thing. The SMTP server that the SMTP
>service has used has not been correct for the domain it
>was trying to send too. Any idea where to look or what to
>log to find out why it randomly connects to the wrong
SMTP
>server for the domain it is sending too? Also should
>mention that this has happened with popular domains also.
>Aol and hotmail for example.
>Thank you in advance.
>2003-05-16 13:08:26 - OutboundConnectionResponse SMTPSVC1
>STEEL - 25 - -
>220+w255.web2010.com+ESMTP+Sendmail+8.12.9/8.9.0;+Fri,+16+
M
>ay+2003+09:07:21+-0400+(EDT) -
>2003-05-16 13:08:26 w255.web2010.com
>OutboundConnectionCommand SMTPSVC1 STEEL - 25 EHLO -
>mail.chiefind.com -
>2003-05-16 13:08:26 w255.web2010.com
>OutboundConnectionResponse SMTPSVC1 STEEL - 25 - - 250-
>w255.web2010.com+Hello+mail.chiefind.com+
>[209.36.195.200],+pleased+to+meet+you -
>2003-05-16 13:08:26 w255.web2010.com
>OutboundConnectionCommand SMTPSVC1 STEEL - 25 MAIL -

>2003-05-16 13:08:26 w255.web2010.com
>OutboundConnectionResponse SMTPSVC1 STEEL - 25 - -

>2003-05-16 13:08:26 w255.web2010.com
>OutboundConnectionCommand SMTPSVC1 STEEL - 25 RCPT -

>2003-05-16 13:08:26 w255.web2010.com
>OutboundConnectionResponse SMTPSVC1 STEEL - 25 - -

>-
>2003-05-16 13:08:26 w255.web2010.com
>OutboundConnectionCommand SMTPSVC1 STEEL - 25 RSET - - -
>2003-05-16 13:08:26 w255.web2010.com
>OutboundConnectionResponse SMTPSVC1 STEEL - 25 - -
>250+2.0.0+Reset+state -
>2003-05-16 13:08:27 w255.web2010.com
>OutboundConnectionCommand SMTPSVC1 STEEL - 25 QUIT - - -
>2003-05-16 13:08:27 w255.web2010.com
>OutboundConnectionResponse SMTPSVC1 STEEL - 25 - -
>221+2.0.0+w255.web2010.com+closing+connection -
>.


 
 
 

5.7.1 Relaying denied B/C of incorrect domain resolution??

Post by MSFT » Fri, 30 May 2003 23:40:07


Sporadic 5.7.1 caused by DNS is actually a common problem.

Consider the following:

1 DNS server works great.  Normally we use this DNS and everything is fine.

A secondary DNS server is not working fine however -- e.g., configured to
only provide root hints and nothing else (no recursive results).  The
results that Exchange gets back cause it to connect to the wrong host.  That
host is not configured to allow the domain as inbound, and thus the 5.7.1.

There are a wide variety of things that can cause this, but you'll be best
served to rule out all the DNS servers you are using first.  Of course, the
problem can also be caused by bad DNS replication on the Internet or
something similiar, which you'd have no control over, but that is usually
more of a problem with just a single domain and you can work around that
with an SMTP connector for that domain.

HTH,
-Scott


> I have Exchange 2000 SP3 running on a Windows 2000 domain.
> I'm having random outbound messages fail with a 5.7.1
> Relaying Denied error message. This happens two to three
> messages per day. Troubleshooting on the problem started
> with smtp logging. As you can see from the log (see log
> blurb at end of message)the SMTP server connected to the
> wrong SMTP server (w255.web2010.com) for the domain it was
> sending mail to (heathconstruction.com). Everything I have
> read points to a dns problem. We have two DNS servers on
> our network that forward requests to our T1 providers DNS
> server (AT&T in this case). I turned on logging on both
> servers to see if I could tell where the failure was. I
> reviewed the DNS cache in this case and found web2010.com
> in the cache with NO MX or mail record. I went to the logs
> on both servers and found no attempt to resolve a MX (or
> any other) record for the web2010.com server. At this
> point I have no idea where the SMTP server got the
> web2010.com address. The Exchange server is set to use the
> internal DNS servers. There are no DNS servers set in the
> SMTP service. I've tested, retested, and reviewed the DNS
> configuration and can't find anything wrong. Doing a
> NSLOOKUP on domains that fail returns the correct
> information. Also, in this case the person resent the mail
> after it failed and it worked flawlessly. I could see MX
> records for heathconstruction.com and reviewing the DNS
> logs showed the lookup for heathconstruction.com MX record
> during the second attempt. Every time this has failed it
> has been the same thing. The SMTP server that the SMTP
> service has used has not been correct for the domain it
> was trying to send too. Any idea where to look or what to
> log to find out why it randomly connects to the wrong SMTP
> server for the domain it is sending too? Also should
> mention that this has happened with popular domains also.
> Aol and hotmail for example.
> Thank you in advance.
> 2003-05-16 13:08:26 - OutboundConnectionResponse SMTPSVC1
> STEEL - 25 - -
> 220+w255.web2010.com+ESMTP+Sendmail+8.12.9/8.9.0;+Fri,+16+M
> ay+2003+09:07:21+-0400+(EDT) -
> 2003-05-16 13:08:26 w255.web2010.com
> OutboundConnectionCommand SMTPSVC1 STEEL - 25 EHLO -
> mail.chiefind.com -
> 2003-05-16 13:08:26 w255.web2010.com
> OutboundConnectionResponse SMTPSVC1 STEEL - 25 - - 250-
> w255.web2010.com+Hello+mail.chiefind.com+
> [209.36.195.200],+pleased+to+meet+you -
> 2003-05-16 13:08:26 w255.web2010.com
> OutboundConnectionCommand SMTPSVC1 STEEL - 25 MAIL -

> 2003-05-16 13:08:26 w255.web2010.com
> OutboundConnectionResponse SMTPSVC1 STEEL - 25 - -

> 2003-05-16 13:08:26 w255.web2010.com
> OutboundConnectionCommand SMTPSVC1 STEEL - 25 RCPT -

> 2003-05-16 13:08:26 w255.web2010.com
> OutboundConnectionResponse SMTPSVC1 STEEL - 25 - -

> -
> 2003-05-16 13:08:26 w255.web2010.com
> OutboundConnectionCommand SMTPSVC1 STEEL - 25 RSET - - -
> 2003-05-16 13:08:26 w255.web2010.com
> OutboundConnectionResponse SMTPSVC1 STEEL - 25 - -
> 250+2.0.0+Reset+state -
> 2003-05-16 13:08:27 w255.web2010.com
> OutboundConnectionCommand SMTPSVC1 STEEL - 25 QUIT - - -
> 2003-05-16 13:08:27 w255.web2010.com
> OutboundConnectionResponse SMTPSVC1 STEEL - 25 - -
> 221+2.0.0+w255.web2010.com+closing+connection -

 
 
 

5.7.1 Relaying denied B/C of incorrect domain resolution??

Post by Stev » Sun, 01 Jun 2003 06:50:55


Thanks for the help guys. I had another tech review my DNS
settings. Apparently I had transposed two numbers in the
forwarding DNS numbers....and I don't even have dyslexia!!
Of course it was the second server so it was rare that DNS
would actually use it to resolve. Hopefully this has fixed
the problem.

 
 
 

5.7.1 Relaying denied B/C of incorrect domain resolution??

Post by Shane Van Wyngaard » Sun, 08 Jun 2003 00:03:10


Thamks for the insight, Scott.  I've been banging my head
against the wall ever since this problem surface after
upgrading a client to W2K/E2K a few weeks ago. We have 2  
W2K DNS servers for internal name resolution, buy our ISP
is responsible for all external DNS name resolution.  

The 5.7.1 NDR's are randomly being generated by my
Exchange server (E2K SP3/W2K SP3)when local users try and
send to certain external domains.  I stress that this is
random and if the user immediately resends the message it
goes through successfully. This leads me to believe that
the receiving server is not blocking my mail and that I
have the correct DNS records established for my domain
because a) I have tested reverse lookups on another mail
server external to my organization, and b) the message is
successful on resend.

I will accept that these sorts of errors can occur
periodically for reason like bad DNS replication on the
Internet, but I'm totally stumped by the fact that the
resend works.

Any more insight would be greatly appreciated.
Shane  

Quote:>-----Original Message-----
>Sporadic 5.7.1 caused by DNS is actually a common problem.

>Consider the following:

>1 DNS server works great.  Normally we use this DNS and
everything is fine.

>A secondary DNS server is not working fine however --
e.g., configured to
>only provide root hints and nothing else (no recursive
results).  The
>results that Exchange gets back cause it to connect to

the wrong host.  That
Quote:>host is not configured to allow the domain as inbound,
and thus the 5.7.1.

>There are a wide variety of things that can cause this,
but you'll be best
>served to rule out all the DNS servers you are using

first.  Of course, the
>problem can also be caused by bad DNS replication on the
Internet or
>something similiar, which you'd have no control over, but
that is usually
>more of a problem with just a single domain and you can
work around that
>with an SMTP connector for that domain.

>HTH,
>-Scott



>> I have Exchange 2000 SP3 running on a Windows 2000
domain.
>> I'm having random outbound messages fail with a 5.7.1
>> Relaying Denied error message. This happens two to three
>> messages per day. Troubleshooting on the problem started
>> with smtp logging. As you can see from the log (see log
>> blurb at end of message)the SMTP server connected to the
>> wrong SMTP server (w255.web2010.com) for the domain it
was
>> sending mail to (heathconstruction.com). Everything I
have
>> read points to a dns problem. We have two DNS servers on
>> our network that forward requests to our T1 providers
DNS
>> server (AT&T in this case). I turned on logging on both
>> servers to see if I could tell where the failure was. I
>> reviewed the DNS cache in this case and found
web2010.com
>> in the cache with NO MX or mail record. I went to the
logs
>> on both servers and found no attempt to resolve a MX (or
>> any other) record for the web2010.com server. At this
>> point I have no idea where the SMTP server got the
>> web2010.com address. The Exchange server is set to use
the
>> internal DNS servers. There are no DNS servers set in
the
>> SMTP service. I've tested, retested, and reviewed the
DNS
>> configuration and can't find anything wrong. Doing a
>> NSLOOKUP on domains that fail returns the correct
>> information. Also, in this case the person resent the
mail
>> after it failed and it worked flawlessly. I could see MX
>> records for heathconstruction.com and reviewing the DNS
>> logs showed the lookup for heathconstruction.com MX
record
>> during the second attempt. Every time this has failed it
>> has been the same thing. The SMTP server that the SMTP
>> service has used has not been correct for the domain it
>> was trying to send too. Any idea where to look or what
to
>> log to find out why it randomly connects to the wrong
SMTP
>> server for the domain it is sending too? Also should
>> mention that this has happened with popular domains
also.
>> Aol and hotmail for example.
>> Thank you in advance.
>> 2003-05-16 13:08:26 - OutboundConnectionResponse
SMTPSVC1
>> STEEL - 25 - -

220+w255.web2010.com+ESMTP+Sendmail+8.12.9/8.9.0;+Fri,+16+M

- Show quoted text -

>> ay+2003+09:07:21+-0400+(EDT) -
>> 2003-05-16 13:08:26 w255.web2010.com
>> OutboundConnectionCommand SMTPSVC1 STEEL - 25 EHLO -
>> mail.chiefind.com -
>> 2003-05-16 13:08:26 w255.web2010.com
>> OutboundConnectionResponse SMTPSVC1 STEEL - 25 - - 250-
>> w255.web2010.com+Hello+mail.chiefind.com+
>> [209.36.195.200],+pleased+to+meet+you -
>> 2003-05-16 13:08:26 w255.web2010.com
>> OutboundConnectionCommand SMTPSVC1 STEEL - 25 MAIL -

>> 2003-05-16 13:08:26 w255.web2010.com
>> OutboundConnectionResponse SMTPSVC1 STEEL - 25 - -

>> 2003-05-16 13:08:26 w255.web2010.com
>> OutboundConnectionCommand SMTPSVC1 STEEL - 25 RCPT -

>> 2003-05-16 13:08:26 w255.web2010.com
>> OutboundConnectionResponse SMTPSVC1 STEEL - 25 - -


- Show quoted text -

Quote:>> -
>> 2003-05-16 13:08:26 w255.web2010.com
>> OutboundConnectionCommand SMTPSVC1 STEEL - 25 RSET - - -
>> 2003-05-16 13:08:26 w255.web2010.com
>> OutboundConnectionResponse SMTPSVC1 STEEL - 25 - -
>> 250+2.0.0+Reset+state -
>> 2003-05-16 13:08:27 w255.web2010.com
>> OutboundConnectionCommand SMTPSVC1 STEEL - 25 QUIT - - -
>> 2003-05-16 13:08:27 w255.web2010.com
>> OutboundConnectionResponse SMTPSVC1 STEEL - 25 - -
>> 221+2.0.0+w255.web2010.com+closing+connection -

>.

 
 
 

1. Exchange 5.5 denying incorrect "relay"

I have an Exchange 5.5 server, and some new users that
work remotely.  So I have set them up with SMTP mail, and
have allowed authenticated users to send messages through
the Exchange 5.5 server.  The users can log on and
send/receive mail just fine, but when they try to send
mail to our domain it says "551 This is not a relay host -
mail must be to or from host domain."

This is confusing to me since, as near as I can tell, the
mail is both to AND from the host domain, and should just
be routed inbound (as I have set it up in the Routing tab.)

The other weird thing is that this problem happens in
certain locations, but not others.  I have seen a KB
article on Cisco PIX doing weird things to mail headers.  
Is this possibly the cause, that whenever they are behind
certain firewalls they simply cannot send messages to an
identical domain?

Thanks for any help or insights.

-Bill

2. System Administrator

3. Denying relay for all except local domains ????

4. IMHO Strange Routing/Forwarding behaviour (Routing/Connectivity Problem revisited)

5. I can't mount Public Store. Help me please.

6. 550 Relaying Denied. Not A Local Domain

7. Migration

8. Denying relay for all except local domains ????

9. Incorrect Host Resolution (restest.exe)

10. Relaying issue - Forwards give relaying denied error

11. 554 SPAM-Relay detected and Relaying denied

12. Relaying issue - Forwards give relaying denied error