Problem sending emails to Outlook server

Problem reported by randy perez - 2/20/2016 at 2:39 PM

Submitted

Hello and thanks in advance,

I have a problem when send emails with smartermail. When I try send emails to outlook server, I receive the next error: "Reason: Remote host said: 501 5.5.4 Invalid domain name" in Delivery Failure email.

The only thing I think may be causing this problem is that Hostname is not same of domain name. I explain, my hostname is NS509964 but my domain name is nerdcommail.com, could be this problem?

Regards and thanks in advance for all your help.

6 Replies

Reply to Thread

Bruce Barnes Replied

2/21/2016 at 2:29 PM

The FQDN of your SmarterMail sever is "mx1.nerdcommail.com" and your IP ADDRESS is 192.99.15.197.

Problem #1: You have NO SPF RECORD. You MUST have a valid SPF record which points to 193.99.15.197 as an authorized MX sever for mx1.nerdcommail.com

Problem #2: You do not have a valid rDNS entry which maps mx1.nerdcommail.com back to the FQDN of your Smartermail server. You cannot do this, you must contact your ISP, the people who assigned you your static IP address(es) and tell them you want an rDNS mapped between mx1.nerdcommail.com and the STATIC IP ADDRESS of 193.99.15.197

Problem #3: You do not have DKIM. This is setup in SmarterMail, for the individual domain, and them mapped in your DNS records. See https://unlocktheinbox.com for more information on DKIM records. The key should be 2048 bits and relaxed. You should also enable forwarding to keep the key valid if a message is forwarded.

Problem #4: You need to setup DMARC. Neither YAHOO!, GMAL, nor OUTLOOK will accept e-mail that is not configured with DMARC records any longer.

Problem #5: You need to setup FEEDBACK LOOPS: Again, see https://unlocktheinbox.com for more information on setting up feedback loops - they are no longer optional, but mandatory.

There may be more, but this is the place to begin.

Bruce Barnes ChicagoNetTech Inc brucecnt@comcast.net Phonr: (773) 491-9019 Phone: (224) 444-0169 E-Mail and DNS Security Specialist Network Security Specialist Customer Service Portal: https://portal.chicagonettech.com Website: https://www.ChicagoNetTech.com Security Blog: http://networkbastion.blogspot.com/ Web and E-Mail Hosting, E-Mail Security and Consulting

randy perez Replied

2/21/2016 at 4:52 PM

Hello,

I did most of those things but still can not send emails.

Regards and thanks in advance.

Bruce Barnes Replied

2/21/2016 at 11:09 PM

Since you have no DNS record, it appears you haven't set one up. I just retested

randy perez Replied

2/22/2016 at 9:06 AM

Sorry, now DNS is set correctly

Bruce Barnes Replied

2/22/2016 at 12:09 PM

Your SMTP HEADER is not compliant. Here is your current SMTP HOST HEADER RECORD:

"192.99.15.197 | 220 https://nerdcommail.com"

"https://nerdcommail.com is your IIS HOST HEADER RECORD, not your SmarterMail server host header record.

It should be "#HostName# #TimeUTC# UTC"

It must be setup in POP, IMAP, and SMTP OUT HOST HEADER RECORDS - or you will be denied by OUTLOOK, YAHOO, COMCAST, and, if you send directly to chicagonettech.com, by us. New rules, implemented by YAHOO! I don't make 'em, just help get the message out.

If you use the variable #HostName#, it will always be properly inserted, but ONLY is properly setup in several other places:

Here's where it MUST be properly setup:

SETTINGS ===> GENERAL SETTINGS ===> HOSTNAME:

HOSTNAME settings must be the FQDN of the SmarterMail server which DELIVERS the e-mail
in your case, that's "mx1.nerdcommail.com"

SETTINGS ===> BINDINGS ===> HOSTNAMES:

HOSTNAME to IP ADDRESS MAPPING

This hostname must be mapped to all of your PORTS for your SSL and TLS certificates Only the TLS CERTIFICATES should be bound.
SSL is completely dead and no longer used.

NOTE: MAKE CERTAIN THERE ARE NO SPACES or garbage characters before or after the HOSTNAME or it will cause non-delivery issues and intermittent SPF failures!

Then you must place the #HostName# variable into the POP, IMAP, and SMTP OUT host records in the proper place. Here are the examples:

SETTINGS ===> PROTOCOL SETTINGS ===> POP:

Add #HostName# to POP BANNER or OUTLOOK, YAHOO!, GMAIL and many other ISPs will refuse to accept your mail. — Add #HostName# to POP BANNER or
OUTLOOK, YAHOO!, GMAIL and many other ISPs
will refuse to accept your mail.

NOTE: Your AUTODISCOVER HOST will be mx1.nerdcommail.com

SETTINGS ===> PROTOCOL SETTINGS ===> IMAP:

Add #HostName# to IMAP BANNER or OUTLOOK, YAHOO!, GMAIL and many other ISPs will refuse to accept your mail. — Add #HostName# to IMAP BANNER or
OUTLOOK, YAHOO!, GMAIL and
many other ISPs will refuse to accept your mail.

NOTE: Your AUTODISCOVER HOST will be mx1.nerdcommail.com

Add #HostName# to SMTP BANNER or OUTLOOK, YAHOO!, GMAIL and many other ISPs will refuse to accept your mail. — Add #HostName# to SMTP BANNER
or OUTLOOK, YAHOO!, GMAIL
and many other ISPs will refuse to accept your mail.

NOTE: Your AUTODISCOVER HOST will be mx1.nerdcommail.com

Making This will automatically insert the FULLY QUALIFIED DOMAIN NAME of your SmarterMail server, as appropriate, into the SMTP host header record as mx1.nerdcommiail.com

Finally, I tested your domain at and you scored a "C" --

This server is vulnerable to the POODLE attack. Disable SSL 3 to mitigate. Grade capped to C.
This server supports weak Diffie-Hellman (DH) key exchange parameters. Grade capped to B.
This server accepts RC4 cipher, but only with older protocol versions. Grade capped to B.

I sent you a PM with a direct link to the results - which are hidden from public view.

randy perez Replied

2/23/2016 at 8:30 AM

Hi, I resolved most things, only missing the problem related with SSL, I will resolve it soon but I do not think it's why I can not send.

Regards and thanks in advance.

Back to Community Threads

Please leave this box unchecked

6 Replies

Reply to Thread

Tags

Related Knowledge Base Articles