450 4.7.25 Client host rejected

Question

On #Exchange2013 I am getting the error message as follows, generated the error '[{LRT=};{LED=450 4.7.25 Client host rejected: cannot find your hostname, [xxx.xxx.xxx.130]};{FQDN=};{IP=}]'.

I am getting this error message only when the user sends email to a particular domain. I have recently configured SPF, DKIM, DMARC records on DNS Level by requesting the ISP.

FQDN which I am using for sending emails is mx1.xyz.com.ab which is associated with the public IP - xxx.xxx.xxx.131 I have checked the PTR records for the IP ending with .131 on mxtoolbox.com, they do exist. I have also checked the PTR records for the IP which is mentioned in the error message, i.e. .130. Also for this IP the PTR records exist. I have verified the PTR records through nslookup also and the results are all same as shown in mxtoolbox.com. Further information, I have configured the SPF Record as follows, xyz.com.ab. IN TXT "v=spf1 mx a ptr ip4:xxx.xxx.xxx.131 ip4:xxx.xxx.xxx.130 ~all"

The mails are getting delivered to Gmail, Hotmail, and other domains. Only to a particular domain, users are not able to send the emails.

Any help would be much appreciated because this issue is now eating up my brains.

Thanks. Faraz.

Update.The issue has been resolved. The issue was from my side.All I had to do was to replace the ESMTP banner. Old ESMTP banner was localservername.domain.com. I changed it to mx1.domain.com and also changed the FQDN on Receive Connector.After performing these steps, the mail flow between the organization and the client started working.Thank you all for your assistance. — mfarazk86, Jul 12 '20 at 07:56
Thanks for your sharing. I'm glad that the mailflow issue has been fixed. At the same time, you could mark your solution as the best answer. Have a nice day:-) — Ivan_Wang, Jul 13 '20 at 01:40
I tried to mark it as answer, unfortunately I am not getting that option. I guess I am the author of the post and because of that I am not able to mark my comment or post as an answer. — mfarazk86, Jul 14 '20 at 06:53

score 0 · Answer 1 · answered Jul 06 '20 at 13:27

0

Might be the recipient server block your domain or its associated IP address, through some spam filters or firewall.

To cross check just send an from your gmail to the recipient.

If mail sent successfully, then no action required on part inform the recipient server administrator to check at there end.

Note: Before proceeding, through your server ping the recipient domain like (mail.domainname or domainname) to verify no issue on your end.

answered Jul 06 '20 at 13:27

Nirmal

45
2

Thanks @Nirmal for reaching out. I have pinged the recipient domain and their mail server (which was shown in the MX records on mxtoolbox.com). All pings were successful. I will initiate the cross-check by sending an email to the recipient's domain from Gmail. Once I have the outcome of the cross-check, I'll post the update here. – mfarazk86 Jul 06 '20 at 15:54

score 0 · Answer 2 · answered Jul 06 '20 at 15:42

The domain you are sending to, like many domains, requires that your DNS match in both forward and reverse direction. Thus the PTR record for your IP address must return a hostname, and that hostname's address record must return the same IP address.

(When such a mismatch occurs with large providers such as Gmail or O365, they usually send such messages to the Spam/Junk folder rather than rejecting them outright, though I have occasionally seen Gmail actually reject messages, and Microsoft is infamous for rejecting large quantities of legitimate mail for incomprehensible reasons.)

You should double check your DNS records and that they are accessible from any arbitrary location on the Internet. If your DNS records really are correct, then the problem is likely at the receiving end.

Thanks @michael-hampton for reaching out. I just ran the _nslookup_ for the hostname (i.e. _**mx1.xyz.com.ab**_), hostname returns the public IP ending with **.131**. When I run the _nslookup_ for the IP **.131**, it returns the same hostname which is _**mx1.xyz.com.ab**_, but at the same time when I run the _nslookup_ for the IP ending with **.130**, this also returns the same hostname, _**mx1.xyz.com.ab**_. But vice versa it does not return the **.130**. — mfarazk86, Jul 06 '20 at 16:26

Ivan_Wang · Answer 3 · 2020-07-07T07:23:17.770

0

Did you create the A record which corresponds to the PTR record in the forward lookup zone? If not, maybe it's the reason to cause the 4.7.25 error and the lookup result(But vice versa it does not return the .130.). If your DNS records are all fine, as clarified above, maybe the receiver configured some rules/spam filters/etc. to block emails from some speicifc domains or the associated IP address.

Besides, here is a similar thread for your reference: 450 4.7.25 Client host rejected. Hope it's helpful to you.

edited Jul 07 '20 at 07:23

answered Jul 07 '20 at 07:11

Ivan_Wang

1,323
1
3
4

Thank you for reaching out. I have checked the A records which are corresponding to PTR Records in Forward and Lookup Zones. the hostname is corresponding to the local IP address of the server and vice versa. – mfarazk86 Jul 07 '20 at 10:13

450 4.7.25 Client host rejected

3 Answers3