PROBLEM WITH SHAREPOINT 2013 AND INTERNET EXPLORER 11
January 22, 2014Exchange 2003 failing to start, Restoring while keeping latest mailbox store. Using eseutil /r /i
June 13, 2014Well that’s something you don’t see every day! Definitely worth mentioning and writing done, since I may refer to this story to my IT grandchildren…..
A customer of ours, suppose xx.com sends an email to yy.com
The user [email protected] gets a non-deliverable email from our on-premises Mail server (NDR) containing the following text:
host yy.com [XXX.XXX.XXX.XXX] said:
550-Verification failed for <[email protected]> 550-No such person at this
address” 550 Sender verify failed (in reply to RCPT TO command)
550 Sender verify failed (in reply to RCPT TO command)!!!!
Launched telnet from my pc (different external ip from the xx.com customer) and got through the smtp commands emulating an email submission to the yy.com email server
Start>Run
Cmd <clrf>
Telnet <clrf>
Set localecho <clrf>
O “mailserver.yy.com” 25 <clrf>
Ehlo local.domain.name <clrf>
Mail from:[email protected] <clrf>
Rcpt to:[email protected] <clrf>
DATA <clrf>
Subject:”Your message subject” .<clrf>
“your message” <clrf>
<clrf>. <clrf>
Bingo Message delivered. Ok what’s the problem?
I login to my customer’s server and do the same (of course I changed [email protected] with [email protected]). No luck! Sender Verify failed!!!
I checked SPF records, I checked blacklisting….nothing, everythings clean!
But after a closer look on DNS lookups, we found out that the yy.com recipient has dns/web/email hosting to the ip 72.52.232.144 (resolving it….host.giganetworks.com)
OUPS!
Apparently my client xx.com has only web hosting on the same provider and its www Host A record resolves back to the same IP!!!! No DNS, no email service is provided for the xx.com, at least, that’s what I was aware of (after making the necessary changes in the ISP’s CPANEL)
WOW!!! What is happening is rather simple….
The xx.com mail server begins negotiation with the yy.com mail server. The exchange the ehlos/helos and when the xx.com claims to be the sender of [email protected] the yy.com mail server stops the submission since he THINKS thank the xx.com is spoofing the xx.com.
Apparently the mail fails and no submission takes place.
How we resolved this:
Simply mailed the ISP explained what we found and forced them to be secondary dns on our Primary dns servers for the xx.com domain, threating them that I will remove the domain and hosting same day….
Case closed, but will be remembered.