Go Back   TechArena Community > Technical Support > Computer Help > Windows Server > Windows Server Help
Become a Member!
Forgot your username/password?
Tags Active Topics RSS Search Mark Forums Read

Sponsored Links



SMTP FQDN domain name does not match DNS resolved server name

Windows Server Help


Reply
 
Thread Tools Search this Thread
  #1  
Old 12-03-2008
TOP
 
Posts: n/a
SMTP FQDN domain name does not match DNS resolved server name

I've been having intermittent email problems for a while. Messages are being
delayed by a number of hours or are being lost completely. I think DNS is
the culprit.

SBS 2003 SP2 Premium but with ISA and SQL not running.
Exchange 2003 SP2
Clients are mostly Outlook 2003 with a few new Outlook 2007 clients

I ran the Exchange Troubleshooting Assistant and had the following two
errors returned:
1. SMTP instance fully-qualified domain name does not match DNS resolved
server name
2. SMTP instance fully-qualified domain name does not match server name

1. The TechNet article says the AD directory service is queried for the
value of msExchSmtpFullyQualifiedDomainName from the Default SMTP virtual
server object. It also tries a DNS query against the DNS servers for the
FQDN of the Exchange server.

I'm not sure if it's querying my internal DNS server (also the Exchange box)
or my ISP's DNS servers.

To solve the problem I'm given two options
A. Change the value of msExchSmtpFullyQualifiedDomainName to match the
DNS FQDN
B. Configure the Exchange server DNS FQDN to match the value of
msExchSmtpFullyQualifiedDomainName.

I was also told separately by a MSFT professional in the Exchange forum to
check the value in the ADSIEDIT MSC (CN=Configuration,DC=Domain,DC=local ->
CN=Services -> CN=Microsoft Exchange -> CN=ORG -> CN=Administrative
Groups -> CN=SITE -> CN=Servers -> CN=MAILSERVER -> CN=Protocols ->
CN=SMTP -> CN=1) and make sure to set that to my domain name, which it
already is. Is this value supposed to be the FQDN for my exchange server, or
just my domain name?

It's set to company.net (not sbs.company.net or mail.company.net--both of
which are listed as A records in our DNS file with our ISP and our internal
DNS server (same machine))

2. Pretty much the same issue and same question.

Should the value of it msExchSmtpFullyQualifiedDomainName be company.net or
host.company.net. And what am I supposed to be comparing it to, our ISP's
DNS records or our DNS server's records.

FWIW, if I go to My Computer > Properties > Computer Name the server's name
is listed as sbs.organization.local, not sbs.company.net

Thanks in advance




Reply With Quote
  #2  
Old 13-03-2008
RW
 
Posts: n/a
RE: SMTP FQDN domain name does not match DNS resolved server name

my question for you is on your Firewall do you have 1-to-1 NAT mapping? are
you sending email from exchange directly to the internet or throught 3rd
party smart host? when your email goes out and is delivered to another person
ask this person to get header of your email and send to you (or you can send
to your external private email account one that will let you either see
source of email or use outlook as POP client and once your email is received
by outlook you can get header from there) once you have that you can see
public IP address you sending from (but you should know this now) and FQDN
associated with it, purpose of it is to see if you have PTR defined by your
ISP to match your EXCH server name. If RDNS is failing many domains will not
accept your emails.
do you have PTR for your exchange public IP
RW

"TOP" wrote:

> I've been having intermittent email problems for a while. Messages are being
> delayed by a number of hours or are being lost completely. I think DNS is
> the culprit.
>
> SBS 2003 SP2 Premium but with ISA and SQL not running.
> Exchange 2003 SP2
> Clients are mostly Outlook 2003 with a few new Outlook 2007 clients
>
> I ran the Exchange Troubleshooting Assistant and had the following two
> errors returned:
> 1. SMTP instance fully-qualified domain name does not match DNS resolved
> server name
> 2. SMTP instance fully-qualified domain name does not match server name
>
> 1. The TechNet article says the AD directory service is queried for the
> value of msExchSmtpFullyQualifiedDomainName from the Default SMTP virtual
> server object. It also tries a DNS query against the DNS servers for the
> FQDN of the Exchange server.
>
> I'm not sure if it's querying my internal DNS server (also the Exchange box)
> or my ISP's DNS servers.
>
> To solve the problem I'm given two options
> A. Change the value of msExchSmtpFullyQualifiedDomainName to match the
> DNS FQDN
> B. Configure the Exchange server DNS FQDN to match the value of
> msExchSmtpFullyQualifiedDomainName.
>
> I was also told separately by a MSFT professional in the Exchange forum to
> check the value in the ADSIEDIT MSC (CN=Configuration,DC=Domain,DC=local ->
> CN=Services -> CN=Microsoft Exchange -> CN=ORG -> CN=Administrative
> Groups -> CN=SITE -> CN=Servers -> CN=MAILSERVER -> CN=Protocols ->
> CN=SMTP -> CN=1) and make sure to set that to my domain name, which it
> already is. Is this value supposed to be the FQDN for my exchange server, or
> just my domain name?
>
> It's set to company.net (not sbs.company.net or mail.company.net--both of
> which are listed as A records in our DNS file with our ISP and our internal
> DNS server (same machine))
>
> 2. Pretty much the same issue and same question.
>
> Should the value of it msExchSmtpFullyQualifiedDomainName be company.net or
> host.company.net. And what am I supposed to be comparing it to, our ISP's
> DNS records or our DNS server's records.
>
> FWIW, if I go to My Computer > Properties > Computer Name the server's name
> is listed as sbs.organization.local, not sbs.company.net
>
> Thanks in advance
>
>
>

Reply With Quote
  #3  
Old 13-03-2008
TOP
 
Posts: n/a
Re: SMTP FQDN domain name does not match DNS resolved server name

Thanks for the reply.

I forgot to mention that we have a spam server on-site that the Exchange
server forwards to as a smart host. The spam server has the higher
preference MX record and accepts all mail from outside, scans it, and passes
it on to Exchange. Exchange does have an MX record but I have my PIX 505
firewall blocking smtp traffic to the exchange server.

This Monday I took the spam server out of the loop, took out the smart host
forwarding, and enabled smtp to Exchange at the firewall, but was still
having some emails delayed or lost. I'm not sure how often it's happening...
maybe 1% of the emails?

The PIX NATs the Exchange server and the spam server to external IP
addresses.
Exchange (hostname sbs) 192.168.1.3 => 1.2.3.59
Spam (hostname mail2) 192.168.1.6 => 1.2.3.43

Here is some of the header information from a message I sent to a hotmail
account: It arrived quickly.

X-SID-PRA: Administrator <Administrator@company.net>
Received: from mail2.company.net ([1.2.3.43]) by
bay0-mc9-f22.bay0.hotmail.com
^^^^^mail2 is the spam server, and the public address is correct^^^^^^
Received: from company.net ([192.168.1.3]) by mail2.company.net
^^^^^company.net is the domain. The private IP listed here is for the
Exchange server, and mail2 is spam server^^^^^^
Subject: test to hotmail
Message-ID: <78F7140203696240981C6E53CB9E99E9DE22B2@sbs.organization.local>
^^^^^sbs.organization.local is the exchange server^^^^^^^
From: "Administrator" <Administrator@company.net>
To: <me@hotmail.com>
Return-Path: Administrator@company.net

I requested a copy of our DNS records from my ISP this week. Everything
looks correct. I'll paste portions below:

mail IN A 1.2.3.59
mail2 IN A 1.2.3.43
sbs IN A 1.2.3.59
www IN A 1.2.3.41

@ IN MX 10 mail.company.net.
@ IN MX 5 mail2.company.net.

And the PTR records:

43 IN PTR mail2.company.net.
59 IN PTR mail.company.net.
59 IN PTR sbs.company.net.





"RW" <RW@discussions.microsoft.com> wrote in message
news:11A19C53-BF68-4C7C-97A0-ED8ADAD54461@microsoft.com...
> my question for you is on your Firewall do you have 1-to-1 NAT mapping?
> are
> you sending email from exchange directly to the internet or throught 3rd
> party smart host? when your email goes out and is delivered to another
> person
> ask this person to get header of your email and send to you (or you can
> send
> to your external private email account one that will let you either see
> source of email or use outlook as POP client and once your email is
> received
> by outlook you can get header from there) once you have that you can see
> public IP address you sending from (but you should know this now) and FQDN
> associated with it, purpose of it is to see if you have PTR defined by
> your
> ISP to match your EXCH server name. If RDNS is failing many domains will
> not
> accept your emails.
> do you have PTR for your exchange public IP
> RW
>
> "TOP" wrote:
>
>> I've been having intermittent email problems for a while. Messages are
>> being
>> delayed by a number of hours or are being lost completely. I think DNS is
>> the culprit.
>>
>> SBS 2003 SP2 Premium but with ISA and SQL not running.
>> Exchange 2003 SP2
>> Clients are mostly Outlook 2003 with a few new Outlook 2007 clients
>>
>> I ran the Exchange Troubleshooting Assistant and had the following two
>> errors returned:
>> 1. SMTP instance fully-qualified domain name does not match DNS resolved
>> server name
>> 2. SMTP instance fully-qualified domain name does not match server name
>>
>> 1. The TechNet article says the AD directory service is queried for the
>> value of msExchSmtpFullyQualifiedDomainName from the Default SMTP virtual
>> server object. It also tries a DNS query against the DNS servers for the
>> FQDN of the Exchange server.
>>
>> I'm not sure if it's querying my internal DNS server (also the Exchange
>> box)
>> or my ISP's DNS servers.
>>
>> To solve the problem I'm given two options
>> A. Change the value of msExchSmtpFullyQualifiedDomainName to match
>> the
>> DNS FQDN
>> B. Configure the Exchange server DNS FQDN to match the value of
>> msExchSmtpFullyQualifiedDomainName.
>>
>> I was also told separately by a MSFT professional in the Exchange forum
>> to
>> check the value in the ADSIEDIT MSC
>> (CN=Configuration,DC=Domain,DC=local ->
>> CN=Services -> CN=Microsoft Exchange -> CN=ORG -> CN=Administrative
>> Groups -> CN=SITE -> CN=Servers -> CN=MAILSERVER -> CN=Protocols ->
>> CN=SMTP -> CN=1) and make sure to set that to my domain name, which it
>> already is. Is this value supposed to be the FQDN for my exchange server,
>> or
>> just my domain name?
>>
>> It's set to company.net (not sbs.company.net or mail.company.net--both of
>> which are listed as A records in our DNS file with our ISP and our
>> internal
>> DNS server (same machine))
>>
>> 2. Pretty much the same issue and same question.
>>
>> Should the value of it msExchSmtpFullyQualifiedDomainName be company.net
>> or
>> host.company.net. And what am I supposed to be comparing it to, our ISP's
>> DNS records or our DNS server's records.
>>
>> FWIW, if I go to My Computer > Properties > Computer Name the server's
>> name
>> is listed as sbs.organization.local, not sbs.company.net
>>
>> Thanks in advance
>>
>>
>>

Reply With Quote
  #4  
Old 13-03-2008
TOP
 
Posts: n/a
Re: SMTP FQDN domain name does not match DNS resolved server name

We just had an email come in three hours late. Header is below:

Received: from mail2.company.net ([192.168.1.6]) by company.net
Received: from cc.sprintspectrum.com ([8.8.7.4]) by mail2.company.net
Received: from [9.4.10.2] by cc.sprintspectrum.com
with ESMTPA id <0J13@l0.nc.sprintspectrum.com>
From: John <john.c@theircompany.com>
Subject: Re: 12:30 lunch
In-reply-to: <78F7140203696240981C6E53CB9E99E9DE2152@sbs.organization.local>
Sender: them@sprintpcs.com
To: AB <AB@company.net>
Message-id: <22D92959-640B-4925-824A-5329033F06E9@theircompany.com>
References: <78F7140203696240981C6E53CB9E99E9DE2152@sbs.organization.local>
Return-Path: john.c@theircompany.com




Reply With Quote
  #5  
Old 14-03-2008
RW
 
Posts: n/a
Re: SMTP FQDN domain name does not match DNS resolved server name

OK, so I have better understanding what your prolem is. Sounds like and
correct me if I'm wrong you have issue with email being delayed only while
receiving emails but not when sending, is that right? so couple of questions:
How do you know delay is on your end? I'm assuming your smart host should
have some reporting/logging functionality why don't you focus on single
instance reported to you by user and track it down search smart host for
particular email look at the time it arrived, then see what time you see same
email at Exchange and finally user mail box. Is delay anywhere between one of
these hoops? I'm just guessing but do you see in example that smart host is
accepting email at let say 1 PM and you do not see it at exch untill 4 PM ?
pehaps this is not your end issue.
Here is my quick story we had situation where a user reported that he is
sending email to A domain and person on the other end does not see it until
30 minutes later, we were able find out that email is sent by our user then
routed by smtp server to smart host in eye blink and almost same time we saw
handshake with external mail server recorded by mean of their public IP all
events in lest then 1 minute after that it is out of our responsabilities,
what they do with it after that and why it takes 30 min to route to their
users I do not want to know. reason I'm saying this is that you should be
able to see email fllow at you end from connection with external mail server,
your exchange and finally client. Perhaps 3 hours delay you see is because
your smart host is not even being connected by external server within this
time frame, if that is the case you should be easily able to push this on the
other side of the court and contact IT from other end ask for log proof that
they not delay it, sort of my story above. If they can proof that email is
sent by their user at 1 PM and tey have log showing contact with your mail
server at 1 PM but your user does not see it till 4 PM then you have problem.
you have no issues receiving email from most domain in timly fashion so does
not sounds like your server is to busy, only other reason I see is that your
smart host is seeing sender domain as suspected spamer and defer connection I
cannot tell much aout this domain because you have modified data so I do not
know if this cc.sprintspectrum.com is real host or not but if it is that is
odd because there is no A nor PTR record for his host.
do not know what 3rd party smart host you use so cannot tell what type of
rules are there either. If you know what domains you have this problem with
try to white list them in your smart host which should by pass all rules to
see if this makes any difference if so and that fix it then most likely your
smart host does not like how this domain(s) is configured and defer
connection.
I would start from faining out email fllow on your end, check time recorded
for this particular email.

BTW, and this is more for your outgoing email then incoming and since you
have no issues with this part I would not worry about it and again not sure
which part of email header was modified by you and which one is real but why
do you have at one point "by company.net" which would indicate you have your
public domain in exch virtual server dns name field and then you have
"@sbs.organization.local" in message ID ? in any case I would change
company.net to sbs.organization.local since you showing private IP in email
header, or create rules on firewall to hide private IP and show public IP for
exch server in email header then I would change virtus server dns name to
host_name.company.net, does this make sense?

"TOP" wrote:

> We just had an email come in three hours late. Header is below:
>
> Received: from mail2.company.net ([192.168.1.6]) by company.net
> Received: from cc.sprintspectrum.com ([8.8.7.4]) by mail2.company.net
> Received: from [9.4.10.2] by cc.sprintspectrum.com
> with ESMTPA id <0J13@l0.nc.sprintspectrum.com>
> From: John <john.c@theircompany.com>
> Subject: Re: 12:30 lunch
> In-reply-to: <78F7140203696240981C6E53CB9E99E9DE2152@sbs.organization.local>
> Sender: them@sprintpcs.com
> To: AB <AB@company.net>
> Message-id: <22D92959-640B-4925-824A-5329033F06E9@theircompany.com>
> References: <78F7140203696240981C6E53CB9E99E9DE2152@sbs.organization.local>
> Return-Path: john.c@theircompany.com
>
>
>
>

Reply With Quote
Reply

  TechArena Community > Technical Support > Computer Help > Windows Server > Windows Server Help
Tags: , , , ,



Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads for: "SMTP FQDN domain name does not match DNS resolved server name"
Thread Thread Starter Forum Replies Last Post
Error message " DNS name has resolved, failed to join with Domain" with windows 7 Jigya L. Networking & Security 5 21-03-2011 10:00 AM
How to add a Windows Server 2008 domain controller to an existing domain Bruno007 Tips & Tweaks 2 17-01-2011 01:43 PM
I have got two domain, I can't ping FQDN, Domain name but not the hostname of the other domain kaikoa Networking & Security 1 16-09-2009 10:11 AM
backup domain controller in a small business server 2003 domain Ashish Goenkar Small Business Server 4 31-01-2009 12:16 AM
cannot join domain using fqdn Landon Active Directory 4 20-05-2008 06:02 PM


All times are GMT +5.5. The time now is 07:50 PM.