SYMPTOMS
After configuring branding at Exchange SMTP servers, some mail servers (like AOL, Yahoo) reject messages sent by these Exchange SMTP servers.
The reason of rejecting messages is that DNS reverse lookup of IP address that Exchange SMTP server uses for outgoing connections does not resolve to FQDN of the server specified in the EHLO command.
CAUSE
The problem is caused by the way SMTP service in Exchange Server 2003 assigns source IP address when opening outgoing connection. If multiple IP addresses are configured, an arbitrary IP address is assigned as source IP address to outgoing connection (http://msexchangeteam.com/archive/2005/02/25/380481.aspx, Myth 4: Virtual Server IP Address Will Be Used For Outgoing Connections).Branding configuration at Exchange SMTP servers involves adding new IP addresses to the servers. So these new IP addresses may be assigned as source IP address to outgoing connection.
To prevent unsolicited email messages some mail servers (like AOL, Yahoo) perform special checks to ensure sending mail server is as it claims to be. This process involves taking IP address of the sending mail server and verifying that DNS reverse lookup for IP address reports DNS name the same as in the EHLO command issued by the sending mail server.
If DNS reverse lookup for these new IP addresses does not report corresponding FQDN, some mail servers (like AOL, Yahoo) will reject messages sent from this IP address.
RESOLUTION
Variant 1:For each IP address configured on Exchange SMTP server, create PTR record in the reverse lookup zone resolving corresponding public IP address to FQDN that Exchange SMTP server put into EHLO command.
Varaint 2:
Configure firewall rules for outgoing connections so that all IP addresses configured on Exchange SMTP server are translated to the same public IP address.
English
Chinese
French
German
Japanese
Russian
Spanish