1

I can see from SMTP logs that some mail is being rejected

OutboundConnectionResponse SMTPSVC1 Sxxx - 25 - - 504+:+Helo+command+rejected:+need+fully-qualified+hostname 0 0 69 0 47 SMTP

In IIS6 > SMTP > Delivery > Advanced I can see that the FQDN is set to the server name 'Sxxx'

This server hosts lots of different websites on different domains so I am not sure what this FQDN actually refers to? The server has no domain name of its own, just IP addresses. The websites all have different domain names, so which one to choose.

As SMTP (AFAIK) just shunts out messages it has no real 'identity' itself: it's just given an email, looks at the recipient domain, finds the associated mx record and server and tries to pass the file/email to that server. Is my understanding here correct? If so, what should I do to provide a FQDN.

EDIT: just realised that the websites that send emails specify an actual external mail server, not localhost, so presumably they connect to the local SMTP service which passes the mail onto the specified external mail server (or does it bypass the local SMTP server completely and connect directly to the external mail server?) and it is that which actually sends the mail to the recipient (I'm missing some fundamental concepts here, I know) - so maybe the SMTP FQDN should be that of the external mail server?

If

Neil Thompson
  • `Sxxx` is not a fully qualified hostname. `Sxxx.yourdomain.tld` is a fully qualified hostname. – joeqwerty Mar 07 '14 at 14:03
  • @joeqwerty yes I know: The server has defaulted the FQDN entry to a value of s3831611 and when I click [check DNS] the message box (unhelpfully imo) says "The domain name is valid". I know that s3831611 is meaningless to any other server. If I tracert s3831611 I get s3831611.some-domain.com - I should probably change the FQDN to that address? – Neil Thompson Mar 07 '14 at 14:40

2 Answers

2

The FQDN value found under Delivery -> Advanced in the SMTP server properties is the domain name that the SMTP Server uses when it has to identify itself to other mail servers.

Most receiving MTAs will try to validate this identity by performing a reverse DNS lookup for the IP address of your sending server, so make sure the FQDN you input is also present in the PTR record for the public IP address of your server:

If you use the FQDN mailserver01.neilthompson.tld and your IP address is 1.2.3.4, make sure that the PTR record at 4.3.2.1.in-addr.arpa has a value of mailserver01.neilthompson.tld. Your ISP should be able to help you with this if you don't have authority of your own reverse zones.

Mathias R. Jessen
1

> As SMTP (AFAIK) just shunts out messages it has no real 'identity' itself: it's just given an email, looks at the recipient domain, finds the associated mx record and server and tries to pass the file/email to that server. Is my understanding here correct?

That's right so far. But as we unfortunately are in the Age of eMail Spam, recipient servers want to see valid IDs on their customs premises, i.e. FQDNs, valid DNS records and such.

> just realised that the websites that send emails specify an actual external mail server, not localhost,

Ok, in that case you wouldn't see any SMTP logs on your server.

But: As you're into the "SMTP business", you will need a fqdn for your server nevertheless, like 'Sxxx.yourdomain.tld' - be careful it resolves in both directions (fqdn -> IP and IP -> fqdn).

vautee
  • Thank you. There are multiple issues I am trying to resolve and your post has really helped: Despite the website email sending code specifying an external mail server, somehow IIS SMTP is grabbing the email (as there are logs). I'm going to try disabling this service and rebooting as my next point of call. Thanks again. – Neil Thompson Mar 07 '14 at 13:05
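
The check both answers describe (a fully qualified HELO name that resolves in both directions), as an added example that is not part of the original posts. The function names and the constructed zone data are assumptions; the hostname and IP address are the illustrative ones from the first answer.

```python
import ipaddress
import socket

def is_fqdn(name):
    """Syntactic check: at least two non-empty labels, and not an IP literal."""
    labels = name.rstrip(".").split(".")
    if len(labels) < 2 or not all(labels):
        return False
    return not labels[-1].isdigit()  # rejects a bare IPv4 address such as 1.2.3.4

def system_forward(name):
    """Name -> set of IPv4 addresses, using the system resolver."""
    try:
        return set(socket.gethostbyname_ex(name)[2])
    except OSError:
        return set()

def system_reverse(ip):
    """IP -> set of PTR names, using the system resolver."""
    try:
        host, aliases, _ = socket.gethostbyaddr(ip)
        return {host, *aliases}
    except OSError:
        return set()

def check_helo(helo, public_ip, forward=system_forward, reverse=system_reverse):
    """Return a list of problems; an empty list means the identity is consistent."""
    if not is_fqdn(helo):
        return [f"'{helo}' is not fully qualified; receivers may reject the HELO"]
    problems = []
    want = helo.rstrip(".").lower()
    ptr_names = {n.rstrip(".").lower() for n in reverse(public_ip)}
    ptr_owner = ipaddress.ip_address(public_ip).reverse_pointer
    if want not in ptr_names:
        problems.append(f"PTR at {ptr_owner} is {sorted(ptr_names)}, not {want}")
    if public_ip not in forward(want):
        problems.append(f"{want} does not resolve to {public_ip}")
    return problems

# Constructed zone data so the example runs offline (not real DNS records).
FAKE_A = {"mailserver01.neilthompson.tld": {"1.2.3.4"}}
FAKE_PTR = {"1.2.3.4": {"mailserver01.neilthompson.tld."}}
fake_forward = lambda name: FAKE_A.get(name, set())
fake_reverse = lambda ip: FAKE_PTR.get(ip, set())

if __name__ == "__main__":
    for helo in ("Sxxx", "mailserver01.neilthompson.tld", "web.neilthompson.tld"):
        result = check_helo(helo, "1.2.3.4", fake_forward, fake_reverse)
        print(helo, "->", result or "OK")
```

Calling `check_helo(name, ip)` without the last two arguments uses the system resolver instead of the constructed data.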