Menu
Reply
FrankAKay
  • 4
  • 0
  • 1
Tuning in
1,840 Views
Message 1 of 9
Flag for a moderator

from about a fortnight ago email to virgin media addresses from 3 different domains is being rejected

I support 5 different businesses which use Windows 2016 Servers with on-premises Exchange 2016.

About a fortnight ago, messages from these systems to ntlworld.com and virginmedia.com addresses began to be rejected, although such messages have been received properly up to now, for several years.  No other Internet email provider has rejected our mail.

Virgin Media support suggested I post this in the Community Forum.

I would be pleased to have this problem explained - the general solution proposed by the recipients no longer receiving communications from us is to switch to an email address that does!  gmail.com, AIM (ie AOL), mac.com, msn.com, hotmail.com, live.co.uk, outlook.com all working fine.

The following failure messages give information.


----------------------------------------------------------------------------------
Diagnostic information for administrators:
Generating server: TRINITY-EX.trinity.local
Receiving server: mx.tb.ukmail.iss.as9143.net (212.54.56.11)
[removed]
Server at mx.tb.ukmail.iss.as9143.net (212.54.56.11) returned '400 4.4.7 Message delayed'
12/06/2020 16:59:32 - Server at mx.tb.ukmail.iss.as9143.net (212.54.56.11) returned '451 4.4.395 Target host responded with error. -> 421 EHLO MXIN201 Your HELO/EHLO TRINITY-EX.trinity.local is not matching your DNS configuration host81-149-43-145.in-addr.btopenworld.com ;id=jn1gjSOBMGClo;sid=jn1gjSOBMGClo;mta=mx4.tb;d=20200612;t=185932[CET];ipsrc=81.149.43.145;'
Original message headers:
Received: from TRINITY-EX.trinity.local (192.168.1.5) by
TRINITY-EX.trinity.local (192.168.1.5) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.1779.2; Fri, 12 Jun 2020 14:05:27 +0100
Received: from TRINITY-EX.trinity.local ([fe80::e918:5222:6e63:4a50]) by
TRINITY-EX.trinity.local ([fe80::e918:5222:6e63:4a50%2]) with mapi id
15.01.1779.002; Fri, 12 Jun 2020 14:05:27 +0100
From: [removed]
To: <2 addresses deleted>, [removed], <4 addresses deleted>
Subject: Update to staff
Thread-Topic: Update to staff
Thread-Index: AdZAud4qL2caSQF2QjiVuJKfFy2E9A==
Date: Fri, 12 Jun 2020 13:05:27 +0000
Message-ID: <6345689d7d3343449d56788047cd17ed@wearetrinity.org.uk>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.1.57]
Content-Type: multipart/mixed;
boundary="_014_6345689d7d3343449d56788047cd17edwearetrinityorguk_"
MIME-Version: 1.0
X-SPAMfighter-Result: E-mail accepted (Neutral)
X-SPAMfighter-Direction: Outbound

----------------------------------------------------------------------------------
Diagnostic information for administrators:

Generating server: CHCHCW-EX.chchcw.local
Receiving server: mx.tb.ukmail.iss.as9143.net (212.54.56.11)

[removed]
Server at mx.tb.ukmail.iss.as9143.net (212.54.56.11) returned '400 4.4.7 Message delayed'
6/16/2020 1:11:08 AM - Server at mx.tb.ukmail.iss.as9143.net (212.54.56.11) returned '451 4.4.395 Target host responded with error. -> 421 EHLO MXIN201 Your HELO/EHLO CHCHCW-EX.chchcw.local is not matching your DNS configuration chchcw.org.uk ;id=l084jlHU1Z6mG;sid=l084jlHU1Z6mG;mta=mx12.tb;d=20200616;t=031108[CET];ipsrc=84.92.94.127;'

Original message headers:

Received: from CHCHCW-EX.chchcw.local (192.168.1.5) by CHCHCW-EX.chchcw.local
(192.168.1.5) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1415.2; Mon, 15 Jun
2020 22:20:02 +0100
Received: from CHCHCW-EX.chchcw.local ([fe80::9583:4eec:74ec:f489]) by
CHCHCW-EX.chchcw.local ([fe80::9583:4eec:74ec:f489%3]) with mapi id
15.01.1415.002; Mon, 15 Jun 2020 22:20:02 +0100
From: [removed]
To: [removed]>, <2 addresses deleted>
Subject: RE: Pastoral prayers
Thread-Topic: Pastoral prayers
Thread-Index: AQHWQzJCaGmxXzIFnU+sK2yVjN/DnqjaK7xQ
Date: Mon, 15 Jun 2020 21:20:02 +0000
Message-ID: <a37b457c77194697a00fd5fb53366b46@cccw.org.uk>
References: <7FBA2595-5EEC-4FC3-AC4E-333F48A4E05D@ntlworld.com>
In-Reply-To: <7FBA2595-5EEC-4FC3-AC4E-333F48A4E05D@ntlworld.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.1.4]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0

----------------------------------------------------------------------------------
Diagnostic information for administrators:
Generating server: BTC-EX.bracknel.local
Receiving server: BTC-EX.bracknel.local
[removed]
20/06/2020 17:55:06 - Server at BTC-EX.bracknel.local returned '550 5.4.300 Message expired -> 451 4.4.395 Target host responded with error. -> 421 EHLO MXIN201 Your HELO/EHLO BTC-EX.bracknel.local is not matching your DNS configuration 94-30-2-214.xdsl.business-dsl.co.uk ;id=mhYAjMfCFLgyB;sid=mhYAjMfCFLgyB;mta=mx5.tb;d=20200620;t=194506[CET];ipsrc=94.30.2.214;'
20/06/2020 17:45:05 - Server at mx.tb.ukmail.iss.as9143.net (212.54.56.11) returned '451 4.4.395 Target host responded with error. -> 421 EHLO MXIN201 Your HELO/EHLO BTC-EX.bracknel.local is not matching your DNS configuration 94-30-2-214.xdsl.business-dsl.co.uk ;id=mhYAjMfCFLgyB;sid=mhYAjMfCFLgyB;mta=mx5.tb;d=20200620;t=194506[CET];ipsrc=94.30.2.214;'
Original message headers:
Received: from BTC-EX.bracknel.local (192.168.1.5) by BTC-EX.bracknel.local
(192.168.1.5) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5; Thu, 18 Jun
2020 18:54:42 +0100
Received: from BTC-EX.bracknel.local ([fe80::281c:caf6:b224:a10f]) by
BTC-EX.bracknel.local ([fe80::281c:caf6:b224:a10f%6]) with mapi id
15.01.1713.004; Thu, 18 Jun 2020 18:54:42 +0100
From: [removed]
To: [removed]
Subject: Re: Re: Street cleaning and grounds maintenance contractor complaint
- BFC218600811
Thread-Topic: Re: Street cleaning and grounds maintenance contractor complaint
- BFC218600811
Thread-Index: AQHWRYbbCbgrjBC7uUmnSdZqbA9clqjeqAkb
Date: Thu, 18 Jun 2020 17:54:42 +0000
Message-ID: <DB6PR08MB2759BFAF809BD04AAA7821DCF19B0@DB6PR08MB2759.eurprd08.prod.outlook.com>
References: <64d937a3-e20e-4f26-9621-4b160faba862@BFEXCASHUB2.BFBC.Local>,<969059875.212194.1592494855964@mail2.virginmedia.com>
In-Reply-To: <969059875.212194.1592494855964@mail2.virginmedia.com>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: multipart/alternative;
boundary="_000_DB6PR08MB2759BFAF809BD04AAA7821DCF19B0DB6PR08MB2759eurp_"
MIME-Version: 1.0
----------------------------------------------------------------------------------

 [MOD EDIT: Personal and private information has been removed from this post. Please do not post personal or private information in your public posts. Please review the Forum Guidelines]

0 Kudos
Reply
用心棒
  • 5.82K
  • 655
  • 2.03K
Very Insightful Person
Very Insightful Person
1,806 Views
Message 2 of 9
Flag for a moderator

Re: from about a fortnight ago email to virgin media addresses from 3 different domains is being rejected

Similar issue addressed in this post Re: Emails from specific address being bounced back.

 

As a Very Insightful Person, I'm here to share my knowledge. I don't work for Virgin Media.

Click to learn more about VIP

  Use Kudos to say thanks

  Mark as Helpful Answer if I've helped

0 Kudos
Reply
Graham_A
  • 16.16K
  • 2.26K
  • 6.9K
Very Insightful Person
Very Insightful Person
1,802 Views
Message 3 of 9
Flag for a moderator

Re: from about a fortnight ago email to virgin media addresses from 3 different domains is being rejected

There are other community members with a more detailed knowledge than me on this, however, the failure messages seem to imply that your email sending servers are not correctly configured, specifically in relation to the DNS configuration.

________________________________
Graham

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media, I'm a VM customer. There are no guarantees that my advice will work. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
HowardML
  • 12.29K
  • 1.43K
  • 5.74K
Very Insightful Person
Very Insightful Person
1,798 Views
Message 4 of 9
Flag for a moderator

Re: from about a fortnight ago email to virgin media addresses from 3 different domains is being rejected

I think this is easy to explain and I hope I can do so. The answer is in the error messages itself. and this article explains what is going wrong.

https://www.xeams.com/resolvedipnomatch.htm

Entirely down to you to resolve. VM's servers will check this issue and reject or greylist offending mail Other ISPs are not so fussy what they let through, but VM is stricter and stricter about its spam prevention methods.

But I will ask one of our more expert VM VIPs to cast an eye over this. @ravenstar68



I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
ravenstar68
  • 19.03K
  • 1.11K
  • 8.25K
Very Insightful Person
Very Insightful Person
1,747 Views
Message 5 of 9
Flag for a moderator
Helpful Answer

Re: from about a fortnight ago email to virgin media addresses from 3 different domains is being rejected

There are a number of issues going on here.

Lets start with the EHLO greetings.

421 EHLO MXIN201 Your HELO/EHLO TRINITY-EX.trinity.local is not matching your DNS configuration host81-149-43-145.in-addr.btopenworld.com
421 EHLO MXIN201 Your HELO/EHLO CHCHCW-EX.chchcw.local is not matching your DNS configuration chchcw.org.uk
421 EHLO MXIN201 Your HELO/EHLO BTC-EX.bracknel.local is not matching your DNS configuration 94-30-2-214.xdsl.business-dsl.co.uk

There are 3 different servers in play here but they are all identifying themselves to the world using a .local domain name.

.local is a special TLD used to refer to hosts on the SAME SUBNET, it's not an FQDN that a server should be using to identify itself when sending outbound mail.

Each of those servers sends to VM using a public IP address.  There should be a FQDN associated with that IP.  So the first thing to do is to fix your server EHLO

The second thing you need to do is to fix your reverse IP lookups for each servers PUBLIC IP address.

Currently:

BTC-EX.bracknel.local - sits behind - 94.30.2.214 - the reverse IP lookup reads 94-30-2-214.xdsl.business-dsl.co.uk
CHCHCW-EX.chchcw.local - sits behind 84.92.94.127 - the reverse lookup reads - chchcw.org.uk
TRINITY-EX.trinity.local - sits behind 81.149.43.145 - the reverse lookup reads host81-149-43-145.in-addr.btopenworld.com

So in all 3 cases you've also not correctly configured your reverse DNS for the outbound servers public IP addresses.

Two are generic reverse lookups provided by ISP's, and the middle one is a bare domain name rather than an FQDN

So what you or the organisations need to do is as follows.

1.  Decide on a proper FQDN for each of the mail server PUBLIC IP addresses
2.  Set the A (IPv4) and/or AAAA (IPv6) records for each FQDN to point to their public IP addresses.
3.  Set the reverse IP lookups for the public IP addresses to point back to the  relevant FQDN

For example for my own mail server.

1.  I settled on a hostname of box.timothydutton.co.uk
2. If you lookup box.timothydutton.co.uk in DNS you get 77.68.89.100 (my servers IP address)
3. If you look up the reverse entry for 77.68.89.100 you get the result box.timothydutton.co.uk

The EHLO/HELO your server uses on it's outbound side should also be it's FQDN - All well configured servers should follow this rule.  Failure to do this can lead your server being given a higher spam score at least, and some blacklists specifically list poorly configured mail servers such as yours.

Tim

Tim

 

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

FrankAKay
  • 4
  • 0
  • 1
Tuning in
1,687 Views
Message 6 of 9
Flag for a moderator

Re: from about a fortnight ago email to virgin media addresses from 3 different domains is being rejected

Thanks, Tim - the general problem is historic, I'm afraid, as all 3 organisations have changed their public names over time, and 2 of them have changed ISPs outside of my control also. I'll get that side of things sorted.

The real puzzle is what has happened in Virgin to suddenly highlight the problem, when others are lagging behind in getting upset!

Best wishes, and I trust you and yours are keeping safe, Frank
0 Kudos
Reply
FrankAKay
  • 4
  • 0
  • 1
Tuning in
1,686 Views
Message 7 of 9
Flag for a moderator

Re: Your ntlworld account settings are out of date

Thanks - I understand the full problem, but was more interested in why it had suddenly caused indigestion with Virgin.  I don't have a Virgin account - is it possible to request 'whitelisting' in the meantime?

0 Kudos
Reply
FrankAKay
  • 4
  • 0
  • 1
Tuning in
1,678 Views
Message 8 of 9
Flag for a moderator

Re: from about a fortnight ago email to virgin media addresses from 3 different domains is being rejected

Thanks, Graham - I have not used Virgin Community before, so apologise that I have just tried to respond to you and got mixed up with a different thread.

I understand the issue with DNS, and have had a very succinct and helpful reply from 'ravenstar'.  The URLs and servers concerned belong to organisations who have changed their names with time, and on occasion their ISP, under no control of mine.  It needs untangling!

My query is principally why the DNS problem suddenly causes indigestion for Virgin accounts (eg ntlworld, virginmedia), when no other mail provider appears to be worried.

I don't use Virgin, but is it possible for a user to request 'whitelisting' of our addresses in the meantime?  We are well-behaved and reputable organisations, if a bit short on IT manpower!

Regards, Frank Kay

 

ravenstar68
  • 19.03K
  • 1.11K
  • 8.25K
Very Insightful Person
Very Insightful Person
1,660 Views
Message 9 of 9
Flag for a moderator

Re: from about a fortnight ago email to virgin media addresses from 3 different domains is being rejected

VM users have been spammed for moths and a good proportion of the spam I've seen has come from mail servers that don't obey proper email ettiquette.  That's why when you run an email server, it's always best to make sure your server is configured correctly.

The people who've moved ISP's should be able to contact their ISP's and get the reverse DNS set up pretty quickly.

I don't work for Virgin Media myself and I can't guarantee they'll whitelist your servers but I will ask the @ModTeam to take a look.

However VM have to speak to a third party re the whitelisting, so it would probably be quicker to reconfigure the respective servers.

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks