forefront | Be Busbared

#Exchange #FFPE Your Receive UnknownDNSName; Mail from IP banned

August 4, 2010 Busbar Leave a comment

Consider the following scenario:

you just finished installing Exchange and just Installed FFPE, configured antispam filtering and enabled RDNSBL feature, you might get all of the emails blocked with the following error message:

oogle tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 550 550 5.7.1 :x.x.x.x:Client host xxx.xxx.xxx.xxx UnknownDNSName; Mail from IP banned. To request removal from this list please forward this message to delist.forefront@messaging.microsoft.com (state 14).

Explanation:

1. Forefront DNSBL agent makes a call to DNSBL backend to query on the connecting IP
2. DNSBL finds the connecting IP is not listed on any of the blocklists available to it
3. The reply query it sends back is NXDOMAIN
4. HOWEVER, when it hits OpenDNS, OpenDNS replaces NXDOMAIN with the connecting client IP address
5. Forefront DNSBL agent expects either NXDOMAIN or 127.0.0.n format of the returned query so after receiving someting like (i.e.) 1.1.1.1 instead of NXDOMAIN from your DNS Server the agent makes a call to block the connection as it’t not in the expected format.

what to do:

First make sure from your DNS Server , OPENDNS had the issue and they should have fixed it, for Egypt Customer LinkDotNet and TEDATA DNS servers are having the issue as well as google’s DNS 8.8.8.8 , as for my testing the DNS server 4.2.2.2 didn’t have the issue and I think that 4.3.3.3 will not have the issue as well.