Incorrect MX Record

[GA Admin]

We have an Exchange 2000 server that periodically tries to send mail
to the wrong host for a domain. It's a two server environment, and
have Exchange and Windows SP3 installed everywhere where applicable.

We tried running DNS on one non-Exchange server, then and both servers
and the same occured. The problem also only occurs on e-mails with
more than 5 or so recipients. AD is working fine, and DNS is
protected against pollution via the checkbox for each server.

For example, the SMTP logs reveal it's trying to send mail to a
recipient always at their webserver, which usually has SMTP running
but not authorized as a relay. I can't figure out why Exchange is
trying this sometimes. Also, subsequently sending the message will
work and logs will show it contacted the correct host on the next try.


In addition, the FROM: domain does not match ours reported by EHLO,
it's a second domain for our company used by a single office. Is this
acceptable if our MX record for both domains points to our server?

Does anyone else know what else to try? How about a forwarders? Does
anyone happen to know UUNet's forwarder? I just walked into this
environment with this ISP.

Here's an example of the problem log:

2003-07-07 13:18:00 - OutboundConnectionResponse SMTPSVC1 DHJA_BOS -
25 - -
220+ipswew0035atl2.usa.prod.interland.net+Microsoft+ESMTP+MAIL+Service,+Version:+5.0.2195.5329+ready+at++Mon,+7+Jul+2003+09:18:00+-0400+
0 0 136 0 40 SMTP - - - -
2003-07-07 13:18:00 ipswew0035atl2.usa.prod.interland.net
OutboundConnectionCommand SMTPSVC1 DHJA_BOS - 25 EHLO -
mail.goldenacres.org 0 0 4 0 40 SMTP - - - -
2003-07-07 13:18:00 ipswew0035atl2.usa.prod.interland.net
OutboundConnectionResponse SMTPSVC1 DHJA_BOS - 25 - -
250-ipswew0035atl2.usa.prod.interland.net+Hello+[63.115.237.131] 0 0
64 0 70 SMTP - - - -
2003-07-07 13:18:00 ipswew0035atl2.usa.prod.interland.net
OutboundConnectionCommand SMTPSVC1 DHJA_BOS - 25 MAIL -
FROM:<[email protected]>+SIZE=10382 0 0 4 0 70 SMTP - - - -
2003-07-07 13:18:00 ipswew0035atl2.usa.prod.interland.net
OutboundConnectionResponse SMTPSVC1 DHJA_BOS - 25 - -
(e-mail address removed)....Sender+OK 0 0 47 0 100 SMTP - -
- -
2003-07-07 13:18:00 ipswew0035atl2.usa.prod.interland.net
OutboundConnectionCommand SMTPSVC1 DHJA_BOS - 25 RCPT -
TO:<[email protected]> 0 0 4 0 100 SMTP - - - -
2003-07-07 13:18:00 ipswew0035atl2.usa.prod.interland.net
OutboundConnectionResponse SMTPSVC1 DHJA_BOS - 25 - -
(e-mail address removed) 0 0 52 0 130 SMTP
- - - -
2003-07-07 13:18:00 ipswew0035atl2.usa.prod.interland.net
OutboundConnectionCommand SMTPSVC1 DHJA_BOS - 25 RSET - - 0 0 4 0 130
SMTP - - - -
2003-07-07 13:18:00 ipswew0035atl2.usa.prod.interland.net
OutboundConnectionResponse SMTPSVC1 DHJA_BOS - 25 - -
250+2.0.0+Resetting 0 0 19 0 160 SMTP - - - -
2003-07-07 13:18:00 ipswew0035atl2.usa.prod.interland.net
OutboundConnectionCommand SMTPSVC1 DHJA_BOS - 25 QUIT - - 0 0 4 0 270
SMTP - - - -
2003-07-07 13:18:00 ipswew0035atl2.usa.prod.interland.net
OutboundConnectionResponse SMTPSVC1 DHJA_BOS - 25 - -
221+2.0.0+ipswew0035atl2.usa.prod.interland.net+Service+closing+transmission+channel
0 0 84 0 300 SMTP - - - -
2003-07-07 13:18:00 - OutboundConnectionResponse SMTPSVC1 DHJA_BOS -
25 - -

 

[Jonathan de Boyne Pollard]

GA> Does anyone else know what else to try?

Yes. Ask in an Exchange newsgroup, because this looks like an Exchange
problem not a DNS problem.

To verify that this is not a DNS problem: Next time that it happens, read the
log, go to the machine running Exchange, and perform the relevant "MX"
resource record lookup manually on that machine. If the "MX" resource records
obtained from a manual lookup on the same machine don't match the SMTP Relay
server that the log says Exchange is actually contacting, you will know that
this is not a DNS problem.