none
Fail to receive external email for primary smtp set as internal domain and secondary smtp as internet domain RRS feed

  • Question

  • Some of our users are originally only allowed to receive internal email (thus their email are set as xxxx@fake.local ) and recenly are required to receive external mail, so I add the new smtp address associate with internet domain (xxxx@mycompany.com) to them, however they are failed to receive the email. I checked the spam filter has shown - 554 5.4.4 [internal] Domain Lookup Failed.

    Is it a must that I've to set the primary smtp address as the internet domain or I should do something on the Exchange or spam filter to allow relay of mail?

    Exchange version: Exchange 2003 Ent Sp2

    Thanks!

    
    

    • Edited by Kathy.Wong Thursday, July 3, 2014 7:34 AM
    Thursday, July 3, 2014 7:32 AM

Answers

  • Is "fake.local" in your Recipient Policies? Is your organization responsible for that domain in any of your recipient policies?

    What spam filter? Do you see anything in your SMTP protocol logs for the inbound message sent to xxx@company.com? It's important to know if it was Exchange that rejected the message or the spam filter.


    --- Rich Matheisen MCSE&I, Exchange MVP

    Thursday, July 3, 2014 3:17 PM
  • Hmmm . .  I thought I replied to this earlier, but I don't see what I wrote!

    Is "the mailgate" your Exchange server?

    Are you seeing the "550 5.7.1 unable to relay" in the Exchange SMTP protocol log?

    When you added the fake.local address to you recipient policy did you also check the box that made your organization responsible for the delivery of messages to that domain?

    As a simple test, have you tried using a telnet session (on port 25, or course) to send a message to that address directly to your server?


    --- Rich Matheisen MCSE&I, Exchange MVP

    Tuesday, July 8, 2014 2:36 PM

All replies

  • Is "fake.local" in your Recipient Policies? Is your organization responsible for that domain in any of your recipient policies?

    What spam filter? Do you see anything in your SMTP protocol logs for the inbound message sent to xxx@company.com? It's important to know if it was Exchange that rejected the message or the spam filter.


    --- Rich Matheisen MCSE&I, Exchange MVP

    Thursday, July 3, 2014 3:17 PM
  • Recipient Policies - is it the ESM -> Recipients -> Recipient Policies? There is no policy addressing the fake.local address.

    We are using Symantec Messaging Gateway. I can't find any log in the Exchange Message tracking center.

    And at the mailgate, I've try the recipient validation, result as follow:

    The LDAP server returned a success status for the recipient validation query. The test address was found in the directory (valid recipient).

    Then I perform an address resolution query at the mailgate, result as follow:

    The LDAP server returned a success status for the address resolution query.

    Test email address: xxx@mycompany.com(or work for xxx@fake.local)

    Entry type: recipient

    Primary address: xxx@fake.local

    proven the mailgate is able to lookup the email from LDAP. thinking that may be missing a policy at the mailgate to accept the fake.local domain, so I add this domain to the accepted domain at mailgate, but still failed to delivery (I've already clear the LDAP cache at mailgate before test again)

    Before I add the fake.local to the accept domain on the mailgate, the message audit log on it shows:

    Attempted delivery to: default-non-local route 554 5.4.4 [internal] domain lookup failed

    Attempted delivery to: default-non-local-route 454 4.4.4 [internal] no mx or a for domain

    After I add the fake.local to the accept domain on the mailgate, the message audit log shows:

    Attempted Delivery to: [Exchange IP] 550 5.7.1 unable to relay for xxx@fake.local

    I can't find any other setting relating to accepted domain on the mailfate, guessing it should be Exchange reject it.

    
    
    
    
    
    
    
    
    Friday, July 4, 2014 3:08 AM
  • Hi,

    You can use ADSIEDIT or LDP.EXE to compare the legacyExchangeDN attribute and X500 Address between a good and problematic user.

    Thanks,

     


    Simon Wu
    TechNet Community Support

    Saturday, July 5, 2014 5:48 AM
    Moderator
  • Hi Simon,

    I think it should be not related to legacyExchangeDN attribute and X500 Address, cause both the good and problematic user are having same format of legacyExchangeDN except the cn part. and both of them don;t have the X500 address.

    Thanks!

    
    Monday, July 7, 2014 9:54 AM
  • Hmmm . .  I thought I replied to this earlier, but I don't see what I wrote!

    Is "the mailgate" your Exchange server?

    Are you seeing the "550 5.7.1 unable to relay" in the Exchange SMTP protocol log?

    When you added the fake.local address to you recipient policy did you also check the box that made your organization responsible for the delivery of messages to that domain?

    As a simple test, have you tried using a telnet session (on port 25, or course) to send a message to that address directly to your server?


    --- Rich Matheisen MCSE&I, Exchange MVP

    Tuesday, July 8, 2014 2:36 PM