1

Note: Domains and IPs obfuscated for security.

We have an internal web application that sends e-mail reports out to various vendors. Our primary Exchange server (domain name co.XXX.YY.ZZ) does not relay mail, so one of our web servers (Windows Server 2003) is set up with the basic SMTP server to do mail relaying (domain name ABABA.net).

We have about 300 vendors on file and the application works fine. However, one vendor has reported not getting the e-mails sent to them. We've verified the e-mail goes out through our own server logs:

12.34.567.8, ntintwebp, 4/23/2009, 9:47:02, SMTPSVC1, NTINTWEBP, 12.34.567.8, 0, 36, 49, 250, 0, MAIL, -,  FROM:<noreply@co.XXX.YY.ZZ>,
12.34.567.8, ntintwebp, 4/23/2009, 9:47:02, SMTPSVC1, NTINTWEBP, 12.34.567.8, 0, 25, 28, 250, 0, RCPT, -,  TO:<Joe@schmoe.org>,
12.34.567.8, ntintwebp, 4/23/2009, 9:47:02, SMTPSVC1, NTINTWEBP, 12.34.567.8, 0, 81154, 132, 250, 0, DATA, -, <NTINTWEBPZbLAX3cf3e00000025@ntintwebp.ABABA.net>,
98.765.432.100, OutboundConnectionResponse, 4/23/2009, 9:47:02, SMTPSVC1, NTINTWEBP, -, 47, 0, 114, 0, 0, -, -, 220 mail.schmoe.org Microsoft ESMTP MAIL Service, Version: 5.0.2195.6713 ready at  Mon, 29 Dec 2008 09:47:41 -0700 ,
98.765.432.100, OutboundConnectionCommand, 4/23/2009, 9:47:02, SMTPSVC1, NTINTWEBP, -, 47, 0, 4, 0, 0, EHLO, -, ntintwebp.ABABA.net,
98.765.432.100, OutboundConnectionResponse, 4/23/2009, 9:47:02, SMTPSVC1, NTINTWEBP, -, 109, 0, 40, 0, 0, -, -, 250-mail.schmoe.org Hello [11.222.333.44],
98.765.432.100, OutboundConnectionCommand, 4/23/2009, 9:47:02, SMTPSVC1, NTINTWEBP, -, 109, 0, 4, 0, 0, MAIL, -, FROM:<noreply@co.XXX.YY.ZZ>,
98.765.432.100, OutboundConnectionResponse, 4/23/2009, 9:47:02, SMTPSVC1, NTINTWEBP, -, 140, 0, 47, 0, 0, -, -, 250 2.1.0 noreply@co.XXX.YY.ZZ....Sender OK,
98.765.432.100, OutboundConnectionCommand, 4/23/2009, 9:47:02, SMTPSVC1, NTINTWEBP, -, 140, 0, 4, 0, 0, RCPT, -, TO:<Joe@schmoe.org>,
98.765.432.100, OutboundConnectionResponse, 4/23/2009, 9:47:02, SMTPSVC1, NTINTWEBP, -, 187, 0, 26, 0, 0, -, -, 250 2.1.5 Joe@schmoe.org ,
98.765.432.100, OutboundConnectionCommand, 4/23/2009, 9:47:02, SMTPSVC1, NTINTWEBP, -, 187, 0, 4, 0, 0, BDAT, -, 81476 LAST,
98.765.432.100, OutboundConnectionResponse, 4/23/2009, 9:47:02, SMTPSVC1, NTINTWEBP, -, 718, 0, 85, 0, 0, -, -, 250 2.6.0  <NTINTWEBPZbLAX3cf3e00000025@ntintwebp.ABABA.net> Queued mail for delivery,
98.765.432.100, OutboundConnectionCommand, 4/23/2009, 9:47:02, SMTPSVC1, NTINTWEBP, -, 718, 0, 4, 0, 0, QUIT, -, -,
98.765.432.100, OutboundConnectionResponse, 4/23/2009, 9:47:02, SMTPSVC1, NTINTWEBP, -, 750, 0, 61, 0, 0, -, -, 221 2.0.0 mail.schmoe.org Service closing transmission channel,

The IT department for the vendor did some research on their end and indicated that the ABABA.net DNS records were not valid and that the NTINTWEBPZbLAX3cf3e00000025@ntintwebp.ABABA.net address was an invalid e-mail address (even though the FROM field is using our valid noreply@co.XXX.YY.ZZ address). In addition, they said that the NTINTWEBPZbLAX3cf3e00000025@ntintwebp.ABABA.net address fails the syntax, DNS, and SMTP checks.

We've had a couple of other vendors reporting issues, but having them whitelist the yavco.net domain has resolved those issues, since I believe they were spam related, and not delivery related.

Any ideas on how to resolve this server issue?

Dillie-O
  • Any chance you can post an actual SMTP dialog and not this mangled log file? Much of this log file is in the wrong order, and apparently missing information. – Alnitak May 01 '09 at 16:31
  • I'm going to show my ignorance here and state that I'm a developer. Where can I point my admins at to get the full dialog? I kinda thought this was the full dialog they sent me. 8^D – Dillie-O May 01 '09 at 16:51
  • NTINTWEBPZbLAX3cf3e00000025@ntintwebp.ABABA.net is their queue-id, not an email address! – Ralf Hildebrandt Jan 11 '17 at 14:07

2 Answers

2

This probably has to do with not having public reverse DNS records set up for the server sending the mail.

Check that you have set up a reverse DNS record for your server, and that the address it reports to send from (after any SNATting, etc) can be resolved and reports the correct domain of the sending server.

Brent
  • You're right, but I think in this case they don't want public records for ntintwebp.ABABA.net (there isn't a public forward record for it). I think they want to figure out how to remove that address from consideration. – Dave Costa May 01 '09 at 16:49
  • Your mail relay _must_ have a valid PTR and A record that matches the host it says HELO / EHLO from. – Dave Cheney May 03 '09 at 05:50
  • Long delay to get processed, but that did the trick. Thanks! – Dillie-O Jun 29 '09 at 16:37
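
An added example, not part of the original thread or any poster's code: it pulls the EHLO name and the source IP the vendor's server reported out of the IIS SMTP log format shown in the question, then applies the rule from the comments above (the relay needs a PTR and an A record matching the name it gives in HELO/EHLO). The function names are hypothetical, and the lookups are injectable so the check can be exercised with constructed DNS answers.

```python
import socket

# Two lines copied from the log in the question (addresses are obfuscated there).
LOG = """\
98.765.432.100, OutboundConnectionCommand, 4/23/2009, 9:47:02, SMTPSVC1, NTINTWEBP, -, 47, 0, 4, 0, 0, EHLO, -, ntintwebp.ABABA.net,
98.765.432.100, OutboundConnectionResponse, 4/23/2009, 9:47:02, SMTPSVC1, NTINTWEBP, -, 109, 0, 40, 0, 0, -, -, 250-mail.schmoe.org Hello [11.222.333.44],
"""

def helo_and_seen_ip(log_text):
    """Return (name the relay announced in EHLO, source IP the remote saw)."""
    helo = seen_ip = None
    for line in log_text.splitlines():
        # The last column may itself contain commas, so split only 14 times.
        f = [x.strip() for x in line.split(",", 14)]
        if len(f) < 15:
            continue
        arg = f[14].rstrip(", ")
        if f[1] == "OutboundConnectionCommand" and f[12] in ("EHLO", "HELO"):
            helo = arg.lower()
        if f[1] == "OutboundConnectionResponse" and "Hello [" in arg:
            seen_ip = arg.split("Hello [", 1)[1].split("]", 1)[0]
    return helo, seen_ip

# Default lookups use the system resolver; None / [] when nothing is published.
def system_ptr(ip):
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_a(name):
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def check_relay_dns(helo, ip, ptr_lookup=system_ptr, a_lookup=system_a):
    """List what a receiver comparing PTR, A record and EHLO name would reject."""
    problems = []
    ptr, addrs = ptr_lookup(ip), a_lookup(helo)
    if ptr is None:
        problems.append(f"no PTR record for {ip}")
    elif ptr.lower().rstrip(".") != helo.lower():
        problems.append(f"PTR {ptr} does not match EHLO name {helo}")
    if not addrs:
        problems.append(f"no A record for EHLO name {helo}")
    elif ip not in addrs:
        problems.append(f"{helo} resolves to {addrs}, not {ip}")
    return problems
```

With the real, unobfuscated log, run `check_relay_dns(*helo_and_seen_ip(log_text))` from a host outside your own network so the answers are the public records the vendor's server would see.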
0

My guess is their server is looking at your REPLY-TO address, which is not the same as your FROM address. If you can add an explicit REPLY-TO header on the outgoing message, with the same value as the FROM, that may resolve the issue.

Dave Costa