We have 3 Exch 2007 servers in our environment. ncsbcs2.ibts.org = mail store and hub transport thorim.ibts.org = mail store hodir.ibts.org = client access server My users are having trouble sending mail to craigslist with the following error mxi4p.craigslist.org #554 5.7.1 <unknown[75.103.236.243]>: Client host rejected: rDNS/DNS_validation_failed._Please_setup_matching_DNS_and_rDNS_records:_http://www.craigslist.org/about/help/rdns_failure xabd-4 ## Original message headers: Received: from THORIM.ibts.org ([192.168.40.5]) by NCSBCS2.ibts.org ([192.168.40.14]) with mapi; Fri, 18 Mar 2011 14:58:53 -0400 From: Shannon Rubin <srubin@ibts.org> To: "res-b8c9a-2259466843@craigslist.org" <res-b8c9a-2259466843@craigslist.org> Date: Fri, 18 Mar 2011 14:58:53 -0400 Subject: RE: test Thread-Topic: test Thread-Index: Acvj4bqlOk+uUllzQxePs9/pn7gjlgAPb0AQAF/C8mA= Message-ID: <A542E01B80F1E24EBF2ACF39C92819E13F1BC687E8@THORIM.ibts.org> References: <E04E1ECBC2A9E44D979EB720B065C00D27524F6460@THORIM.ibts.org> <E04E1ECBC2A9E44D979EB720B065C00D27524F646F@THORIM.ibts.org> In-Reply-To: <E04E1ECBC2A9E44D979EB720B065C00D27524F646F@THORIM.ibts.org> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US x-kse-antivirus-interceptor-info: scan successful x-kse-antivirus-info: Clean Content-Type: multipart/alternative; boundary="_000_A542E01B80F1E24EBF2ACF39C92819E13F1BC687E8THORIMibtsorg_" MIME-Version: 1.0 The primary server for the IP the error is complaining about is Name: ncsbcs2.236.103.75.in-addr.arpa Address: 75.103.236.243 I see in the header information that thorim.ibts.org is referenced. I think this is the problem but I'm not sure. I'm also not sure how to fix it. Can I set multiple host names for reverse DNS of one IP?

This has more to do with the HT server (ncsbcs2.ibts.org) than the MBX server. It looks like you have no PTR (rDNS) record for 75.103.236.243: http://ipadmin.junkemailfilter.com/rdns.php You need to ask your ISP to set one up for you so... 75.103.236.243 Points the registered domain name you use for sending email (and the FQDN you have configured on the Send Connector of ncsbcs2.ibts.org). (Candidly assuming you only have one Send Connector. If not, then the one configured to send messages to the Internet in general). EDIT - ibts.org and mail.ibts.org point to a different IP. It looks like you have a third domain name that is close to the IP above. Those need to match up for rDNS checks. -------------------------------------------------- Here I obtain a response but it is different each time: http://www.rdnslookup.com/ webmail.ibts.org ncsbcs2.ibts.org thorim.ibts.org http://www.dnswatch.info/dns/dnslookup?la=en&host=75.103.236.243&type=A&submit=Resolve In fact, I think having multiple host names for a single IP is causing the problem. Having looked into this some more, it does look like you need: One and only one PTR (rDNS) for the sending IP of your mail server (no more).

I think you're right. The webmail entry was some kind of legacy config that I think is invalid now. We use Webmail2 now for OWA. The thorim we put in last week because I thought that might fix the issue. I'll have those removed. Thanks,

Worked.... WINNING!

Glad to hear!