Exchange A/PTR public DNS record issues
Hi,

A user is having problems sending e-mail to recipients she sends to every day. The error is:

User@otherdomain.com on 11/26/2005 1:11 PM. You do not have permission to send to this recipient. For assistance, contact your system administrator. ... Relaying denied. IP name possibly forged.(xx.xx.xx.xx)>.

http://searchexchange.techtarget.com/expert/KnowledgebaseAnswer/0,289625,sid43_gci1155538,00.html

According to this post, it could be related to the following: "It sounds like the recipient's SMTP server is doing a reverse lookup on your domain and failing. You should double-check your public DNS record to make sure that the server's PTR (pointer) record has the servername mapped to the server's correct IP address."

This is our current Exchange setup:
1.) We run an active-passive cluster of Exchange 2003.
2.) The MX records are being hosted in Postini (Google).
3.) We are running a load balancing solution for redundancy between 2 ISP providers. So the A and PTR records for mail.domain.com have an entry for each provider in the public DNS.

For example:
ISP1
mail.domain.com - 1.1.1.1
1.1.1.1 - mail.domain.com
ISP2
mail.domain.com - 2.2.2.2
2.2.2.2 - mail.domain.com

We are now using provider one, so if any emails are being sent, the headers of the email show 1.1.1.1 for mail.domain.com. However, if I run a DNS query for A/PTR resolution for mail.domain.com, the 2.2.2.2 IP is the one that resolves. So email is being sent as 1.1.1.1, but external DNS resolution of mail.domain.com replies with 2.2.2.2.

Like I said, a couple of users are getting this type of message:

User@otherdomain.com on 11/26/2005 1:11 PM. You do not have permission to send to this recipient. For assistance, contact your system administrator. ... Relaying denied. IP name possibly forged.(xx.xx.xx.xx)>.

Could this setup be the problem, since we are sending at 1.1.1.1 but the world resolves mail.domain.com at 2.2.2.2?

Thank you.
March 30th, 2010 10:32pm

You might want to turn up SMTP protocol logging and see if there are any clues in the exchange between the servers.
--
Ed Crowley MVP
"There are seldom good technological solutions to behavioral problems."
April 1st, 2010 2:06am

Hi,

I suggest you go to https://www.testexchangeconnectivity.com/ to do an Outbound email test. It will help you check the related DNS records.

Could you please let me know whether it happens just for one domain or lots of domains? You may need to contact the remote mail admin to see if you could find the reason and workaround.

Thanks,
Elvis
April 1st, 2010 6:22am

Hi,

Are you using a smart host to the Postini SMTP server for outbound SMTP too? If yes, then you need to work with Postini support on whether their SMTP is being denied by the remote server. If you are sending messages from your SMTP server, then work with the remote domain admin to whitelist your IP, as the error message says that your IP is restricted.

Anil
April 1st, 2010 6:27am

Hi,

I think I have found the first problem:

1.) The FQDN for the Exchange server is exchange.mydomain.local, and it should be whatever record we have for the Exchange server on the public DNS, which in our case would be mail.mydomain.com. So if I look at the headers in any of the emails that I sent to an external domain, I can see exchange.mydomain.local and 1.1.1.1. Exchange.mydomain.local is not being resolved on a public DNS at all; it is just part of internal DNS. I think that the FQDN on the Exchange server has to match the A record on the public DNS, so if we have an A record named mail.domain.com (public DNS), that is the one that has to be entered as the FQDN for the message to be properly relayed. Is that correct?

2.) The A record mail.domain.com has DNS forward/reverse resolution to 1.1.1.1 and it also has rDNS to 2.2.2.2. So the A record has 2 IPs (1.1.1.1, 2.2.2.2) from two different ISP IP schemes. The email out of the building is being relayed out from the server as mail.domain.local (which I think is the wrong FQDN) and it goes out through 2.2.2.2 (the IP scheme of one of the ISP providers). In my opinion that represents a problem, since the email has to be relayed out to the internet from the same IP scheme that it is being received on (ISP provider).

Answering your questions:
1.) It happens just on some domains.
2.) No smart host. The Exchange server is relaying email itself. But Postini has the MX records.

Final question: How would changing the FQDN from Exchange.domain.local to mail.domain.com affect the MX records that are being hosted on Postini?

I hope someone could verify/answer my questions.

Thank you.
April 2nd, 2010 9:33pm
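
Added example, not written by any poster in this thread: a Python sketch of the reverse-then-forward DNS check (forward-confirmed reverse DNS) that the linked article describes, applied to the two-ISP setup from the question. The lookup tables are constructed from the thread's placeholder names and addresses, `fcrdns`, `check_sender` and `table` are hypothetical helper names, and the HELO-name check models receivers that also validate that name (an assumption, since the thread does not identify the remote server).

```python
# Added example: forward-confirmed reverse DNS (FCrDNS) check, run offline
# against constructed lookup tables that reuse the thread's placeholder names/IPs.

def fcrdns(ip, ptr_lookup, a_lookup):
    """Classify a connecting IP the way a PTR-checking receiver would.

    ptr_lookup(ip) -> host names from PTR; a_lookup(name) -> IPv4 addresses from A.
    """
    names = ptr_lookup(ip)
    if not names:
        return ("no-ptr", None)
    for name in names:
        if ip in a_lookup(name):      # forward lookup confirms the reverse name
            return ("ok", name)
    return ("possibly-forged", names[0])

def check_sender(ip, helo, ptr_lookup, a_lookup):
    """Findings for one outbound path: source IP plus the HELO/EHLO name sent."""
    findings = []
    status, _ = fcrdns(ip, ptr_lookup, a_lookup)
    if status != "ok":
        findings.append(f"{ip}: reverse/forward mismatch ({status})")
    helo_ips = a_lookup(helo)
    if not helo_ips:
        findings.append(f"HELO name {helo} does not resolve in public DNS")
    elif ip not in helo_ips:
        findings.append(f"HELO name {helo} does not resolve to {ip}")
    return findings

def table(records):
    """Turn a dict into a lookup function (stand-in for a real resolver)."""
    return lambda key: records.get(key.lower().rstrip("."), [])

# Constructed data: PTRs exist for both ISPs' addresses.
PTR = {"1.1.1.1": ["mail.domain.com"], "2.2.2.2": ["mail.domain.com"]}
A_BOTH = {"mail.domain.com": ["1.1.1.1", "2.2.2.2"]}  # A record lists both IPs
A_ONE = {"mail.domain.com": ["2.2.2.2"]}             # A record returns only ISP2

if __name__ == "__main__":
    for label, a in (("A lists both IPs", A_BOTH), ("A lists only 2.2.2.2", A_ONE)):
        for helo in ("mail.domain.com", "exchange.mydomain.local"):
            result = check_sender("1.1.1.1", helo, table(PTR), table(a))
            print(f"{label} | HELO {helo}: {result or 'no findings'}")
```

To check real records, replace the `table(...)` arguments with functions that query a public resolver for PTR and A records.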
