none
Error correo Externo RRS feed

  • Pregunta

  • Buenas tardes tengo un servidor exchange 2003 y me da problemas el siguiente error

    "Problema de comunicación de SMTP con el servidor de correo electrónico del destinatario. Póngase en contacto con el administrador del sistema.
      <dominio.com #5.5.0 smtp;550 Remote host used my domain name in HELO/EHLO greeting. You are not me.>"

     

    Este error no me pasa cuando se envian correos a hotmail, gmail, etc.

     

    Sabe alguno a que se debera este problema? 

     

    Gracias

     

    Jose Luis

    domingo, 19 de noviembre de 2006 15:25

Respuestas

  • Es lo miso que te dije en mensajes anteriores : )

    Si esto esta de esta manera , deberias chequear en la configuracion del Exchange, en la configuracion del Conector SMTP si mal no recuerdo en la solapa delivery y luego avanzadas donde dice DNS deberias poner el nombre FQDN de tu servidor por ej mail.dominio.com asegurate de que ahi no haya ningun caracter invalido o algo por el estilo.

     

    Buenas practicas para el uso de los foros
    Si la respuesta te es de utilidad marca la pregunta como respondida.
    No pongas las preguntas en mas de un foro.

    Slds.
    Sebastian del Rio

    miércoles, 6 de diciembre de 2006 2:33
    Moderador

Todas las respuestas

  • joselgo , en primer punto deberias chequear la configuracion de la zona DNS de tu dominio podes utliizar alguna paguna tipo  http://www.dnsreport.com/ . para ver que todo este correcto. Recorda que lo ideal es que tu registro MX apunte a un nombre mail.dominio.com por ejemplo , y luego hacer un registro A  mail.dominio.com A ipdetuserver.

    Si esto esta de esta manera , deberias chequear en la configuracion del Exchange, en la configuracion del Conector SMTP si mal no recuerdo en la solapa delivery y luego avanzadas donde dice DNS deberias poner el nombre FQDN de tu servidor por ej mail.dominio.com asegurate de que ahi no haya ningun caracter invalido o algo por el estilo.

    Tambien podes chequear estos articulos

    http://support.microsoft.com/default.aspx?scid=kb;es;319426

    http://www.experts-exchange.com/Networking/Email_Groupware/Exchange_Server/Q_21845583.html

    Buenas practicas para el uso de los foros
    Si la respuesta te es de utilidad marca la pregunta como respondida.
    No pongas las preguntas en mas de un foro.

    Slds.
    Sebastian del Rio

    domingo, 19 de noviembre de 2006 18:52
    Moderador
  •  

    Esta es la informacion que devuelme sobre el dominio de la empresa. He leido los articulos y he realizado pruebas, pero sigue sin funcionar, me parece que el proveedor me esta filtrando, ya que para las cuentas que estan en servidores fuera de mi ISP si les llega correctamente, a su vez les escribi para que me dieran el registro MX y me dan respuetsa negativa, como lo puedo averiguar? a ver si eso, o habilitar algun fichero para tratar de filtrar el error concreto.

     

    Gracias

    Category Status Test Name Information
    Parent PASS Missing Direct Parent check OK. Your direct parent zone exists, which is good. Some domains (usually third or fourth level domains, such as example.co.us) do not have a direct parent zone ('co.us' in this example), which is legal but can cause confusion.
    INFO NS records at parent servers Your NS records at the parent servers are:

    ns1.landsraad.net. [195.5.64.2] [TTL=172800] [ES]
    ns2.landsraad.net. [195.5.64.6] [TTL=172800] [ES]
    [These were obtained from b.gtld-servers.net]
    PASS Parent nameservers have your nameservers listed OK. When someone uses DNS to look up your domain, the first step (if it doesn't already know about your domain) is to go to the parent servers. If you aren't listed there, you can't be found. But you are listed there.
    PASS Glue at parent nameservers OK. The parent servers have glue for your nameservers. That means they send out the IP address of your nameservers, as well as their host names.
    PASS DNS servers have A records OK. All your DNS servers either have A records at the zone parent servers, or do not need them (if the DNS servers are on other TLDs). A records are required for your hostnames to ensure that other DNS servers can reach your DNS servers. Note that there will be problems if your DNS servers do not have these same A records.
    NS INFO NS records at your nameservers Your NS records at your nameservers are:

    ns2.landsraad.net. [195.5.64.6] [TTL=172800]
    ns1.landsraad.net. [195.5.64.2] [TTL=172800]
    FAIL Open DNS servers ERROR: One or more of your nameservers reports that it is an open DNS server. This usually means that anyone in the world can query it for domains it is not authoritative for (it is possible that the DNS server advertises that it does recursive lookups when it does not, but that shouldn't happen). This can cause an excessive load on your DNS server. Also, it is strongly discouraged to have a DNS server be both authoritative for your domain and be recursive (even if it is not open), due to the potential for cache poisoning (with no recursion, there is no cache, and it is impossible to poison it). Also, the bad guys could use your DNS server as part of an attack, by forging their IP address. Problem record(s) are:

    Server 195.5.64.2 reports that it will do recursive lookups. [test] Server 195.5.64.6 reports that it will do recursive lookups. [test] See this page for info on closing open DNS servers.
    PASS Mismatched glue OK. The DNS report did not detect any discrepancies between the glue provided by the parent servers and that provided by your authoritative DNS servers.
    PASS No NS A records at nameservers OK. Your nameservers do include corresponding A records when asked for your NS records. This ensures that your DNS servers know the A records corresponding to all your NS records.
    PASS All nameservers report identical NS records OK. The NS records at all your nameservers are identical.
    PASS All nameservers respond OK. All of your nameservers listed at the parent nameservers responded.
    PASS Nameserver name validity OK. All of the NS records that your nameservers report seem valid (no IPs or partial domain names).
    PASS Number of nameservers OK. You have 2 nameservers. You must have at least 2 nameservers (RFC2182 section 5 recommends at least 3 nameservers), and preferably no more than 7.
    PASS Lame nameservers OK. All the nameservers listed at the parent servers answer authoritatively for your domain.
    PASS Missing (stealth) nameservers OK. All 2 of your nameservers (as reported by your nameservers) are also listed at the parent servers.
    PASS Missing nameservers 2 OK. All of the nameservers listed at the parent nameservers are also listed as NS records at your nameservers.
    PASS No CNAMEs for domain OK. There are no CNAMEs for midominio.net. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present.
    PASS No NSs with CNAMEs OK. There are no CNAMEs for your NS records. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present.
    WARN Nameservers on separate class C's WARNING: All of your nameservers (listed at the parent nameservers) are in the same Class C (technically, /24) address space, which means that they are probably at the same physical location. Your nameservers should be at geographically dispersed locations. You should not have all of your nameservers at the same location. RFC2182 3.1 goes into more detail about secondary nameserver location.
    PASS All NS IPs public OK. All of your NS records appear to use public IPs. If there were any private IPs, they would not be reachable, causing DNS delays.
    PASS TCP Allowed OK. All your DNS servers allow TCP connections. Although rarely used, TCP connections are occasionally used instead of UDP connections. When firewalls block the TCP DNS connections, it can cause hard-to-diagnose problems.
    WARN Single Point of Failure WARNING: Although you have at least 2 NS records, and they appear to point to different physical servers, it appears that they block the ICMP packets used as part of our test, which means that they may share the same firewall. If they share the same firewall, this results in a single point of failure, which could cause all your DNS servers to be unreachable.
    INFO Nameservers versions Your nameservers have the following versions:

    195.5.64.2: "landsraad.net"
    195.5.64.6: "9.3.2-P1"
    PASS Stealth NS record leakage Your DNS servers do not leak any stealth NS records (if any) in non-NS requests.
    SOA INFO SOA record Your SOA record [TTL=172800] is:

    Primary nameserver: ns1.landsraad.net.
    Hostmaster E-mail address: hostmaster.landsraad.net.
    Serial #: 2005102701
    Refresh: 86400
    Retry: 7200
    Expire: 2592000
    Default TTL: 172800
    PASS NS agreement on SOA serial # OK. All your nameservers agree that your SOA serial number is 2005102701. That means that all your nameservers are using the same data (unless you have different sets of data with the same serial number, which would be very bad)! Note that the DNS Report only checks the NS records listed at the parent servers (not any stealth servers).
    PASS SOA MNAME Check OK. Your SOA (Start of Authority) record states that your master (primary) name server is: ns1.landsraad.net.. That server is listed at the parent servers, which is correct.

    PASS SOA RNAME Check OK. Your SOA (Start of Authority) record states that your DNS contact E-mail address is: hostmaster@landsraad.net. (techie note: we have changed the initial '.' to an '@' for display purposes).
    PASS SOA Serial Number OK. Your SOA serial number is: 2005102701. This appears to be in the recommended format of YYYYMMDDnn, where 'nn' is the revision. So this indicates that your DNS was last updated on 27 Oct 2005 (and was revision #1). This number must be incremented every time you make a DNS change.
    WARN SOA REFRESH value WARNING: Your SOA REFRESH interval is : 86400 seconds. This seems high. You should consider decreasing this value to about 3600-7200 seconds (or higher, if using DNS NOTIFY). RFC1912 2.2 recommends a value between 1200 to 43200 seconds (20 minutes to 12 hours, with the longer time periods used for very slow Internet connections), and if you are using DNS NOTIFY the refresh value is not as important (RIPE recommend 86400 seconds if using DNS NOTIFY). This value determines how often secondary/slave nameservers check with the master for updates. A value that is too high will cause DNS changes to be in limbo for a long time.
    PASS SOA RETRY value OK. Your SOA RETRY interval is : 7200 seconds. This seems normal (about 120-7200 seconds is good). The retry value is the amount of time your secondary/slave nameservers will wait to contact the master nameserver again if the last attempt failed.
    WARN SOA EXPIRE value WARNING: Your SOA EXPIRE time is : 2592000 seconds. This seems a bit high. You should consider decreasing this value to about 1209600 to 2419200 seconds (2 to 4 weeks). RFC1912 suggests 2-4 weeks. This is how long a secondary/slave nameserver will wait before considering its DNS data stale if it can't reach the primary nameserver.
    PASS SOA MINIMUM TTL value OK. Your SOA MINIMUM TTL is: 172800 seconds. This seems normal (about 3,600 to 86400 seconds or 1-24 hours is good). RFC2308 suggests a value of 1-3 hours. This value used to determine the default (technically, minimum) TTL (time-to-live) for DNS entries, but now is used for negative caching.
    MX INFO MX Record Your 4 MX records are:

    15 avin03.melange.net. [TTL=172800] IP=212.59.199.11 [TTL=300] [ES]
    15 avin04.melange.net. [TTL=172800] IP=212.59.199.31 [TTL=300] [ES]
    15 avin01.melange.net. [TTL=172800] IP=212.59.199.125 [TTL=300] [ES]
    15 avin02.melange.net. [TTL=172800] IP=212.59.199.34 [TTL=300] [ES]
    PASS Low port test OK. Our local DNS server that uses a low port number can get your MX record. Some DNS servers are behind firewalls that block low port numbers. This does not guarantee that your DNS server does not block low ports (this specific lookup must be cached), but is a good indication that it does not.
    PASS Invalid characters OK. All of your MX records appear to use valid hostnames, without any invalid characters.
    PASS All MX IPs public OK. All of your MX records appear to use public IPs. If there were any private IPs, they would not be reachable, causing slight mail delays, extra resource usage, and possibly bounced mail.
    PASS MX records are not CNAMEs OK. Looking up your MX record did not just return a CNAME. If an MX record query returns a CNAME, extra processing is required, and some mail servers may not be able to handle it.
    PASS MX A lookups have no CNAMEs OK. There appear to be no CNAMEs returned for A records lookups from your MX records (CNAMEs are prohibited in MX records, according to RFC974, RFC1034 3.6.2, RFC1912 2.4, and RFC2181 10.3).
    PASS MX is host name, not IP OK. All of your MX records are host names (as opposed to IP addresses, which are not allowed in MX records).
    PASS Multiple MX records OK. You have multiple MX records. This means that if one is down or unreachable, the other(s) will be able to accept mail for you.
    PASS Differing MX-A records OK. I did not detect differing IPs for your MX records (this would happen if your DNS servers return different IPs than the DNS servers that are authoritative for the hostname in your MX records).
    PASS Duplicate MX records OK. You do not have any duplicate MX records (pointing to the same IP). Although technically valid, duplicate MX records can cause a lot of confusion, and waste resources.
    PASS Reverse DNS entries for MX records OK. The IPs of all of your mail server(s) have reverse DNS (PTR) entries. RFC1912 2.1 says you should have a reverse DNS for all your mail servers. It is strongly urged that you have them, as many mailservers will not accept mail from mailservers with no reverse DNS entry. Note that this information is cached, so if you changed it recently, it will not be reflected here (see the www.DNSstuff.com Reverse DNS Tool for the current data). The reverse DNS entries are:

    11.199.59.212.in-addr.arpa avin04.melange.net. [TTL=59162]
    31.199.59.212.in-addr.arpa avin04.melange.net. [TTL=59162]
    125.199.59.212.in-addr.arpa avin01.melange.net. [TTL=59162]
    34.199.59.212.in-addr.arpa avin02.melange.net. [TTL=48440]
    jueves, 23 de noviembre de 2006 0:30
  • Lo podes averiguar haciendo un query DNS.

     

    nslookup -q=mx tudominio

     

     

    Slds.

    Buenas practicas para el uso de los foros
    Si la respuesta te fue de utilidad , no olvides marcala como respondida

     

     

     

    jueves, 23 de noviembre de 2006 12:36
    Moderador
  • esto es lo que me devuelve despues de realizar la consulta.

    Servidor:  ns3.landsraad.net
    Address:  212.59.199.2

    Respuesta no autoritativa:
    sysproject.net  MX preference = 15, mail exchanger = avin01.melange.net
    sysproject.net  MX preference = 15, mail exchanger = avin02.melange.net
    sysproject.net  MX preference = 15, mail exchanger = avin03.melange.net
    sysproject.net  MX preference = 15, mail exchanger = avin04.melange.net

     

    ya lo he metido en el dns y me sigue saliendo lo mismo,  me parece que puede ser el proveedor de servicios ya que solo lo hace con los dominios que se alojan en el mismo servidor, con los demas no hay problema, lo que pasa es que les escribo y no m dan contesta. Como puedo hacer una prueba para certificar la duda de que el error es de ellos,

    sábado, 25 de noviembre de 2006 23:19
  • El correo lo manejas vos ?? o lo maneja tu ISP  ??

    Buenas practicas para el uso de los foros
    Si la respuesta te es de utilidad marca la pregunta como respondida.
    No pongas las preguntas en mas de un foro.

    Slds.
    Sebastian del Rio

    domingo, 26 de noviembre de 2006 10:42
    Moderador
  • mi isp
    domingo, 26 de noviembre de 2006 22:33
  • Si sospechas que el problema se da solo cuando envias a dominios hosteados en el mismo servidor , junta los rebotes asegurate de que todos los dominios esten hosteados en el mismo servidor , si son todos de tu ISP , informaselos y que chequeen su Mail server. En realdad lo primero es identificar con que dominios te pasa , con todos , con algunos , y sin son algunos estan hosteados en el mismo servidor ,o en distintos ?

    De todas maneras me parece que ni siquiera tendrias que ponerte a analizarlo , simplemente deberias informarselo a tu ISP , y que el Administrador del correo lo chequee.

    NOTA : tambien podrias evaluar si en la relacion costo/beneficio no te conviene adquirir un Exchange Server y majenar el correo vos.

     

    Buenas practicas para el uso de los foros
    Si la respuesta te es de utilidad marca la pregunta como respondida.
    No pongas las preguntas en mas de un foro.

    Slds.
    Sebastian del Rio

     

     

    lunes, 27 de noviembre de 2006 1:11
    Moderador
  • ya tenemos el exchange server 2003, lo que necesito saber es que mas hace falta para gestionar nosotros el dominio a traves del exchange ya que esta configurado correctamente, o eso creo.

     

     

    miércoles, 29 de noviembre de 2006 19:37
  • Lo que necesitarias es pedirle a quien sea el administrador del DNS donde esta hosteado tu dominio que te cree un registro MX por ejemplo mail.tudominio.com y luego haga un registro A de mail.tudominio.com a tu Ip publica.

    Basciamente que te apunte los registros MX a tu ip publica. Con eso seria suficiente.

    Buenas practicas para el uso de los foros
    Si la respuesta te es de utilidad marca la pregunta como respondida.
    No pongas las preguntas en mas de un foro.

    Slds.
    Sebastian del Rio

     

     

    jueves, 30 de noviembre de 2006 2:14
    Moderador
  • ESTE ES EL MENSAJE QUE ME RESPONDE MY ISP

     

    El error del que se informa desde nuestro servidor de correo se debe a
    que está utilizando nuestro nombre de dominio 'myisp.es' o
    'myisp.com' como saludo para identificarse a usted mismo en la fase
    inicial de comunicación del protocolo SMTP, mediante el comando HELO/EHLO.

    En dicho identificador, usted debería indicar el nombre de dominio de su
    servidor de correo, no el nuestro. Nuestro servidor rechaza expresamente
    la conexiones en las que el servidor de correo se identifica con nuestro
    nombre de dominio.

     

     

    Pero en las propiedades de smtp no aparece por ningun lado esa informacion.

    Como o donde se podria cambiar.

     

    Gracias

    martes, 5 de diciembre de 2006 22:23
  • Es lo miso que te dije en mensajes anteriores : )

    Si esto esta de esta manera , deberias chequear en la configuracion del Exchange, en la configuracion del Conector SMTP si mal no recuerdo en la solapa delivery y luego avanzadas donde dice DNS deberias poner el nombre FQDN de tu servidor por ej mail.dominio.com asegurate de que ahi no haya ningun caracter invalido o algo por el estilo.

     

    Buenas practicas para el uso de los foros
    Si la respuesta te es de utilidad marca la pregunta como respondida.
    No pongas las preguntas en mas de un foro.

    Slds.
    Sebastian del Rio

    miércoles, 6 de diciembre de 2006 2:33
    Moderador