Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Possibly forged hostname????

I am brand new to Ironport. This is our first school year using the product. We have recently had a problem with our students or faculty replying to emails from Notre Dame University. When a student or faculty member tries to reply we get this message back.

"Your message did not reach some or all of the intended recipients.

Subject: RE: Visit to Cathedral Prep
Sent: 9/8/2009 9:57 AM

The following recipient(s) cannot be reached:

Maureen.E.Clark.179@nd.edu on 9/11/2009 9:57 AM
The e-mail system was unable to deliver the message, but did not report a specific reason. Check the address and try again. If it still fails, contact your system administrator.
<ironport>"


Any one have any ideas why this would happen? Any help would be greatly appreciated. Also, so far this has happened to two emails that have been replied to that were going to two different people at nd.edu.

Thank you.

  • Email Security
8 REPLIES

Re: Possibly forged hostname????

First thing you should do is look thru your mail_logs and locate the emails. Check if the receiving domain is kicking back any 4xx or 5xx errors. Also as a general rule you should always make sure that DNS is working correctly for you and you are able to resolve the MX records for that domain. If all that checks, and they indeed are rejecting your mail. Ask them politely why :D

New Member

451 error

This is from the bounce log:
"RID 0 - 4.1.0 - Unknown address error ('451', ['4.1.8 Possibly forged hostname for 70.60.48.227']) "

I see other emails addressed to people at nd.edu that also were kicked back with the same error. The email addresses are valid since the emails that were sent were replies to emails that were received.

Re: Possibly forged hostname????

Hi,

I assume that 70.60.48.227 is the IP address of your IronPort sending the emails. It's really hard to tell exactly what they mean with that 4xx error they are kicking back RID 0 - 4.1.0 - Unknown address error ('451', ['4.1.8 Possibly forged hostname. Only they can tell you exactly what they mean by that, since those errors can be customized. My best guess would be that they are doing some multilpe DNS checks on the host name of your box, reverse, forward etc. and seeing if IP matches to host name, perhaps domain as well etc. I would engage the admin of the domain to find out exactly why they are rejecting your emails. Definitely make sure DNS is configured correctly on your side to avoid problems with external checks. Hope that helps.

New Member

Re: Possibly forged hostname????

Before I call them. What should I look for in our DNS to make sure it is configured correctly. We just had to replace our DNS, however this email issue occurred before the change and after the change.

Re: Possibly forged hostname????

If you google "dns tools" it should come up with a list of sites that offer some DNS checks. Usually a good place to start. I know dnsstuff.com is pretty good I think you have to pay now thought. dnstools.com as well
;-) maybe others can post some better ones.

New Member

Re: Possibly forged hostname????

Some of the stuff which used to be free on dnsstuff.com can be found nowadays from http://dnsstuff.fastnext.com/

Especially the DNSreport is useful to check the 'healthy' of your setup.

New Member

Re: Possibly forged hostname????

I finally called Ironport support and they were fantastic. The problem was I had no PTR record and my MX record was incorrect.

Re: Possibly forged hostname????

Yes they have great support. Well at least we pointed you in the right direction. Glad it worked out ;-)

999
Views
0
Helpful
8
Replies
This widget could not be displayed.