| Author |
 Topic  |
|
|
Andy Skinner
User
United Kingdom
136 Posts |
 Posted - 2010/07/22 : 16:23:38
|
Hi - can anyone help.
We are have problems with mail from one particular client, where mail is not getting through to us. We have a direct MX SMTP feed, and their mails are not even hitting FTGate - no record in the logs. Mails are correctly addressed to our domain and recipient, but don't appear, however when copied to a gmail account the copy comes through no problem. They receive an error messageas below:
--------------------------------------------
Your message did not reach some or all of the intended recipients.
Subject: sdpok
Sent: 22/07/2010 09:15
The following recipient(s) cannot be reached:
andyskinner@sdpce.co.uk on 22/07/2010 09:15
The e-mail system was unable to deliver the message, but did not report a specific reason. Check the address and try again. If it still fails, contact your system administrator.
<arktec.co.uk #5.0.0 smtp;500 5.0.0 [212.36.48.40] PTR record is blank - reverse DNS lookup failed (#4.46)>
---------------------------------------
Does this give any clues what might be occurring?
We did used to get email from them - but sporadically, and sometimes they got caught up in our spam trap, even when whitelisted. In these cases it was because their ISP's domain name was replacing their domain name! I don't think it's a filtering problem, as the mails aren't even getting to FTG.
Any advice would be welcomed. Thanks
Andy
|
|
|
richard
Forum Admin
5119 Posts |
Posted - 2010/07/23 : 08:08:21
|
You have the PTR record check enabled in FTGate and the sender does not have a PTR record, which is very bad for an ISP!
You will have to disable PTR checking to receive mail from this address, or you can add the address to the security policy without the PTr option. That may grow tiresome very quickly though. |
 |
|
|
Andy Skinner
User
United Kingdom
136 Posts |
Posted - 2010/07/23 : 09:14:51
|
Thanks Richard.
I guess turning off PTR record checking is not a good thing generally?
If I want to add their IP address with out the PTR, am I right in thinking that I should go to:
services>security policies tab>default global security policy>addresses tab.
then add their IP address (as in the failure message) and tick all the boxes, the same as the WAN entry, but without the PTR box ticked?
Thanks for your help
Andy |
|
|
|
richard
Forum Admin
5119 Posts |
Posted - 2010/07/23 : 10:16:54
|
correct.
Use 255.255.255.255 as the mask. |
|
|
|
Andy Skinner
User
United Kingdom
136 Posts |
Posted - 2010/07/23 : 13:10:39
|
thanks.
seems to have done the trick.
Andy
|
|
|
| |
Topic |
|
Mail from one client not getting through
