date: Mon, 19 Nov 2007 18:03:00 -0800
group: microsoft.public.exchange2000.connectivity
Re: FQDN
OK I see what you're saying above, but we have a sticky problem here
Our domain is hosted in UK with a domain.com style address and the smtp
server FQDN is smtp.domain.com
Our LAN is in Thailand and the box hosting Exchange has a FQDN of
boxname.domain.local
Our Thai ISP says we must relay through FQDN smtp-adsl.totonline.net
All fine so far, however ......
... when we use relay through smart host, NOTHING leaves the server and
every mail times out after 36 hours. When we relay using DNS to resolve
addresses, everything except to mailhosts using Sender ID verification, goes
out OK. This means we cannot send to Hotmail, AOL, Gmail etc.
Therefore, which FQDN do we put in that -delivery-advanced slot?
The exact error message we get when using DNS is -
The following recipient(s) could not be reached:
'username@hotmail.com' on 20/11/2007 01:49
There was a SMTP communication problem with the recipient's
email server. Please contact your system administrator.
<smtp.domainname.com #5.5.0 smtp;550 DY-001 Mail rejected by
Windows Live Hotmail for policy reasons. We generally do not accept email
from dynamic IP's as they are not typically used to deliver unauthenticated
SMTP e-mail to an Internet mail server. http://www.spamhaus.org maintains
lists of dynamic and residential IP addresses. If you are not an
email/network admin please contact your E-mail/Internet Service Provider for
help. Email/network admins, please visit http://postmaster.live.com for email
delivery information and support>
However, if we do not set to use DNS for sending mail in the virtual server,
we cannot send anything at all.
This problem started around 2 years ago, and is growing in intensity as more
webmail domains join the SenderID program. We are now having to refuse
orders from customers with emails in those domains, because we cannot reply
to their emails.
Gaz
date: Mon, 19 Nov 2007 18:03:00 -0800
author: Gaz
Re: FQDN
Hi,
You need to enter smtp-adsl.totonline.net as the smart-host on the SMTP
connector (and you need to make sure that they allow you to relay through
their server).
Leif
"Gaz" wrote in message
news:15CD95B4-610F-4AEB-B8AB-F082A2243F04@microsoft.com...
> OK I see what you're saying above, but we have a sticky problem here
>
> Our domain is hosted in UK with a domain.com style address and the smtp
> server FQDN is smtp.domain.com
>
> Our LAN is in Thailand and the box hosting Exchange has a FQDN of
> boxname.domain.local
>
> Our Thai ISP says we must relay through FQDN smtp-adsl.totonline.net
>
> All fine so far, however ......
>
> ... when we use relay through smart host, NOTHING leaves the server and
> every mail times out after 36 hours. When we relay using DNS to resolve
> addresses, everything except to mailhosts using Sender ID verification, goes
> out OK. This means we cannot send to Hotmail, AOL, Gmail etc.
>
> Therefore, which FQDN do we put in that -delivery-advanced slot?
>
> The exact error message we get when using DNS is -
> The following recipient(s) could not be reached:
>
> 'username@hotmail.com' on 20/11/2007 01:49
> There was a SMTP communication problem with the recipient's
> email server. Please contact your system administrator.
> <smtp.domainname.com #5.5.0 smtp;550 DY-001 Mail rejected by
> Windows Live Hotmail for policy reasons. We generally do not accept email
> from dynamic IP's as they are not typically used to deliver unauthenticated
> SMTP e-mail to an Internet mail server. http://www.spamhaus.org maintains
> lists of dynamic and residential IP addresses. If you are not an
> email/network admin please contact your E-mail/Internet Service Provider for
> help. Email/network admins, please visit http://postmaster.live.com for email
> delivery information and support>
>
> However, if we do not set to use DNS for sending mail in the virtual server,
> we cannot send anything at all.
>
> This problem started around 2 years ago, and is growing in intensity as more
> webmail domains join the SenderID program. We are now having to refuse
> orders from customers with emails in those domains, because we cannot reply
> to their emails.
>
> Gaz
date: Sun, 25 Nov 2007 23:03:14 +0100
author: Leif Pedersen [ MVP]
Re: FQDN
Hi Leif
I've done that several times, including switching in and out of it as the
router changes each dynamically-acquired IP from TOT - each of which I've
checked through www.spamhaus.org (and found all of them to be on the PBL in
red).
TOT absolutely point blank refuse to provide SMTP relaying regardless of the
subscription type you pay - in their limited English they simply state that
relay = spam = abuse and risk entire TOT IP range being blocked worldwide
(they sort of have a point about that under the Sender ID + SpamHaus cartel
system).
They've even gone so far as to arrive unannounced this morning to install a
T1 line (in addition to the ADSL) for a two month test to see if this will
resolve the email and other problems we've been having (rolls eyes at the
drasticness of it) luckily they're providing it free during the test period.
The only correlation I can find is that if by chance a non-PBL blocked IP
arrives on our router, email to Hotmail goes out, when it is a PBL blocked
IP, it does not.
This leads me to believe that the Microsoft et al Spamhaus-initiative has
rendered any Exchange server not on a fixed IP, to be worthless and a waste
of the license(s) purchase price...... unless Microsoft can promulgate an
ABSOLUTE fix for the issue. If not, well let's just say the words "action,
class, refund, worldwide" spring to mind, but not in that order, as gathering
on the horizon when word of this becomes mainstream knowledge.
Gaz
"Leif Pedersen [ MVP]" wrote:
> Hi,
>
> You need to enter smtp-adsl.totonline.net as the smart-host on the SMTP
> connector (and you need to make sure that they allow you to relay through
> their server).
>
> Leif
date: Mon, 26 Nov 2007 02:26:01 -0800
author: Gaz
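
The correlation described in the message above (mail to Hotmail goes out only when the router holds an address that is not on the PBL) can be checked per address with a DNSBL lookup. This is an added example, not part of the thread: the `zen.spamhaus.org` zone and its return codes are assumptions taken from Spamhaus's published usage, and the sample addresses and stub resolver are constructed so it runs offline.

```python
import ipaddress
import socket

ZONE = "zen.spamhaus.org"  # assumption: zone name is not given in the thread
PBL_CODES = {"127.0.0.10", "127.0.0.11"}  # PBL return codes in that zone


def dnsbl_name(ip, zone=ZONE):
    """Build the query name: IPv4 octets reversed, then the DNSBL zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone


def system_resolver(name):
    """Return the A records for name; an empty list means no such record."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except (socket.gaierror, socket.herror):
        return []


def classify(ip, resolve=system_resolver):
    """Classify one sending address from the DNSBL answer set."""
    answers = set(resolve(dnsbl_name(ip)))
    if not answers:
        return "not-listed"
    if any(a.startswith("127.255.255.") for a in answers):
        return "query-error"  # the list refused the query; result unknown
    if answers & PBL_CODES:
        return "pbl"  # dynamic/residential range: direct-to-MX gets refused
    return "listed-other"


# Constructed sample data: documentation-range addresses and a stub resolver
# standing in for live DNS so the example runs offline.
SAMPLE_ANSWERS = {
    "10.2.0.192.zen.spamhaus.org": ["127.0.0.11"],
    "7.100.51.198.zen.spamhaus.org": ["127.0.0.4"],
    "9.113.0.203.zen.spamhaus.org": ["127.255.255.254"],
}


def sample_resolver(name):
    return SAMPLE_ANSWERS.get(name, [])


if __name__ == "__main__":
    for ip in ("192.0.2.10", "198.51.100.7", "203.0.113.9", "192.0.2.99"):
        print(ip, classify(ip, sample_resolver))
```

A `pbl` result for the current WAN address predicts the `550 DY-001` rejection quoted earlier in the thread; a `query-error` result means the lookup has to be repeated through a resolver the list accepts before drawing any conclusion.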
Re: FQDN
Forgot to clarify - open relay has been "off" (closed) since the product was
first installed (and has never been opened even during testing various
fix-attempts).
Only LAN users with authenticated LAN logins and passwords are allowed to
send mail. All incoming mail to non-registered user names is filtered to a
scrutiny mailbox, therefore further preventing bounce-through relaying.
Anti-virus software is religiously updated nightly (on server and
workstations) and we have restrictive policies on items like number of
recipients (To / cc / bcc) per email etc with admin alerts if more than X
number of emails per minute are attempting to send.
And after a decade managing Exchange servers, I've never seen a setting in
the admin panels called SMTP AUTH (and believe me, I've looked). I know what
it is and what it does, but I cannot find a place to set it anywhere in
Exchange 4.5 / 5.0 / 5.5 or 2000 where the help files, manuals, Technet or
any other source refers to it as SMTP AUTH
..... so if someone would like to provide a step-by-step path to it, then
I'll shut up and go try it ;-)
Gaz
"shhhhhh@hush.com" wrote:
> On Nov 26, 11:26 am, Gaz wrote:
> > Hi Leif
> >
> > I've done that several times, including switching in and out of it as the
> > router changes each dynamically-acquired IP from TOT - each of which I've
> > checked through www.spamhaus.org (and found all of them to be on the PBL in
> > red).
> >
> > TOT absolutely point blank refuse to provide SMTP relaying regardless of the
> > subscription type you pay - in their limited English they simply state that
> > relay = spam = abuse and risk entire TOT IP range being blocked worldwide
> > (they sort of have a point about that under the Sender ID + SpamHaus cartel
> > system).
>
> Sure *open relays* are not allowed on the internet, of course Spamhaus
> will blacklist them and so will any ISP if they find one. You need to
> use a secure (closed) relay and use SMTP Authentication to tell the
> relay you're a customer. That's what everyone else does.
>
> > This leads me to believe that the Microsoft et al Spamhaus-initiative has
> > rendered any Exchange server not on a fixed IP, to be worthless and a waste
> > of the license(s) purchase price......
>
> Well yes if you bought it to send mail 'direct-to-mx' off a dynamic
> IP. Surely you didn't buy it for that purpose...
>
> > If not, well let's just say the words "action,
> > class, refund, worldwide" spring to mind
>
> Or the words "read manual, use SMTP AUTH" ;)
>
date: Mon, 26 Nov 2007 08:28:02 -0800
author: Gaz