Domino server can't directly mail to @outlook.com addresses

I have a weird case at a client that is using Domino for mail and is sending mails directly to the Internet (so no relay host).

When sending mail to any Outlook.com address, Domino is trying to resolve the A-record of outlook.com instead of the MX-record. An A-record lookup gives:
Name: outlook.com
Addresses: 52.96.223.2
52.96.172.98
52.96.111.82
52.96.222.194
52.96.228.130
52.96.222.226
52.96.214.50
52.96.91.34
52.96.229.242

An MX record lookup gives:

outlook-com.olc.protection.outlook.com

An A-record lookup of that gives:
Name: outlook-com.olc.protection.outlook.com
Addresses: 52.101.68.1
52.101.42.7
52.101.11.4
52.101.40.5
52.101.42.8
52.101.132.29
52.101.40.7
52.101.11.6
52.101.132.31
52.101.11.8
52.101.11.11
52.101.73.3

(shortened. There are many more).

But Domino tries to send the mail to the 52.96.x addresses, which seem to be meant for clients sending mail through Outlook.com. This results in an error: "Client not authenticated to send mail when sending mail to @outlook"

I was able to create a workaround by creating a Foreign SMTP Domain document for outlook.com sending all mail to outlook-com.olc.protection.outlook.com and an SMTP connection document pointing to this Foreign SMTP Domain document. But this shouldn't be necessary.

Is this a bug in Domino (11.0.1 FP7 in this case)?
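
The lookup order a sending MTA is expected to follow (RFC 5321 section 5.1), as an added example that is not part of the original post and is not Domino's code. The zone data is constructed from the names and a few of the addresses quoted above; `TempDNSError`, `lookup`, `delivery_targets` and `classify_connection` are hypothetical names.

```python
from ipaddress import ip_address

# Constructed sample records (names and a few addresses as quoted in the post).
ZONE = {
    ("outlook.com", "MX"): [(5, "outlook-com.olc.protection.outlook.com")],
    ("outlook.com", "A"): ["52.96.223.2", "52.96.172.98"],
    ("outlook-com.olc.protection.outlook.com", "A"): ["52.101.68.1", "52.101.42.7"],
}


class TempDNSError(Exception):
    """Stand-in for SERVFAIL or a timeout (hypothetical name)."""


def lookup(zone, name, rtype, failing=()):
    """Return the records for (name, rtype); an empty list means 'no data'."""
    if (name, rtype) in failing:
        raise TempDNSError(f"{rtype} lookup for {name} failed")
    return zone.get((name, rtype), [])


def delivery_targets(zone, domain, failing=()):
    """Return (path, [ips]) following RFC 5321 section 5.1."""
    try:
        mx = lookup(zone, domain, "MX", failing)
    except TempDNSError:
        # Temporary error: queue and retry later, never fall back to the A record.
        return ("defer", [])
    if mx:
        ips = []
        for _pref, host in sorted(mx):  # lowest preference value first
            ips += lookup(zone, host, "A", failing)
        return ("mx", ips)
    # Only an empty MX answer allows the implicit MX (the domain's own A record).
    return ("implicit-mx", lookup(zone, domain, "A", failing))


def classify_connection(zone, domain, connected_ip):
    """Tell which record set an observed outbound SMTP connection matches."""
    ip = str(ip_address(connected_ip))  # validates the address format
    mx_ips = {a for _p, h in lookup(zone, domain, "MX") for a in lookup(zone, h, "A")}
    if ip in mx_ips:
        return "mx-host"
    if ip in lookup(zone, domain, "A"):
        return "domain-a-record"
    return "unknown"
```

A connection classified as `domain-a-record` for a domain that publishes an MX record means the sender skipped or lost the MX answer, which is the symptom described in the post.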

Hi Martin,

We have Domino 12.0.1 FP1 and the same problem!!!!

We have changed dns-server-address to 1.1.1.1 and now it's ok!!!

Christian

Hello @Martijn de Jong

I am not sure if this is your problem, but I had a similar problem with an older Domino server, using A-records for destination SMTP addresses.

Please check your smtp-configuration document about the field "host name lookup".

In our environment this was set to "local only".

The strange thing was, that we had no entries within localhost file, but router resolved only A-records for the destination servers. I would understand if the router would get errors resolving addresses.

Before finding the problem, we also used the SMTP domain documents as a workaround to get mail to the destination domain working.

Maybe this helps

Alex

Very interesting. Regretfully, in this case not the solution. I checked, but the client already had the Host name lookup set to Dynamic then local.

It's a good line of thinking that somewhere there might be some cached value or something.
When I do a nslookup within the domain I get:

>nslookup
Default Server: N**DC02.***net.local
Address: 192.168.1.59

> set type=mx
> outlook.com.
Server: N****.***net.local
Address: 192.168.1.59

Non-authoritative answer:
outlook.com MX preference = 5, mail exchanger = outlook-com.olc.protection.outlook.com

outlook-com.olc.protection.outlook.com internet address = 52.101.40.25
outlook-com.olc.protection.outlook.com internet address = 52.101.68.1
etc

All good. Still, somehow Domino doesn't do the same.

Hi Alex,
Unfortunately it doesn't help, see our configuration.

Christian

Hi Martijn,

We're having the same problem on 12.0.2.

The time since the problem started to occur seems to match with yours. (Your post is 6 days old, and I assume the problem started a couple of days before posting?)

Hi Nick,

The client thought it started on the 1st of September, though he only created the ticket 6 days later. It looks like Microsoft must have changed something on the 1st of September or shortly afterwards to cause this problem. When I first checked with MX Toolbox for the IP address of the MX of outlook.com, it gave a 101.x address. Now it's a 52.101.x address. Things are clearly on the move. Maybe it will solve itself with time, but it's not something you want to check in a production environment.

@Martijn de Jong Could you please post the details of your workaround, both the foreign SMTP and the SMTP connection, so I can verify I am implementing the workaround correctly?

When looking at our mail event log, noted that hotmail.com addresses also have problems.

With the mx lookup saying hotmail.com is handled by hotmail-com.olc.protection.outlook.com

The domain health reports produced by https://mxtoolbox.com for hotmail.com and outlook.com look like the domains are sickly.

Implementing the Foreign SMTP Domain documents for both outlook.com and hotmail.com, and creating the SMTP connection documents for both, results in mail being delivered to the addresses.

Hi Lars,

I have described the problem and workaround on my blog:

https://blog.martdj.nl/2023/09/23/domino-cant-send-mail-to-outlook-com-addresses/

Thanks! I used a slightly different method, which also works: create a Foreign SMTP Domain doc specifying mail for outlook.com should be routed to the Domain outlook-com.olc.protection.outlook.com .

And a corresponding SMTP Connection document specifying the destination domain outlook-com.olc.protection.outlook.com, with the relay host left empty, then the router uses the domain name for a DNS lookup.

I repeated that setup for hotmail.com and live.com (copy paste both the domain and connection doc, replace outlook with hotmail and live), then in the console ```load updall names``` and ```tell router update config``` and Bob's your uncle.

And added msn.com

here's hoping I have now added all the necessary domains...

oops, the triple backquotes are a Discord convention to indicate console code...

More evidence Microsoft is fooling around:

https://www.bleepingcomputer.com/news/microsoft/hotmail-email-delivery-fails-after-microsoft-misconfigures-dns/

https://www.spamresource.com/2023/08/microsoft-errors-544-unable-to-route-no.html

Especially that last link is interesting, and something HCL should look into. The current list for outlook-com.olc.protection.outlook.com is larger than it has ever been in history and it got this large this month.

For others reading this post because they have problems sending mail to outlook.com, hotmail.com or live.com, I've written a blog article about the problem which I try to update with new information that reaches me

Today, both versions of the workaround have stopped working. I think Microsoft has continued dicking around with the configurations. Brings back memories of "Windows ain't done till Lotus won't run".

Anyhow, I raised ticket CS0422112 with HCL.

Just delivered a mail to Outlook.com. The workaround consists of: 4 Foreign SMTP Domain documents, with the field Messages Addressed To set to outlook.com, and Internet host set to outlook-com.olc.protection.outlook.com (repeat for hotmail, live and msn, replacing the 1st occurrence of outlook with the other service name, example: To: hotmail.com host: hotmail-com.olc.protection.outlook.com).
Added to that, 4 Connection documents (1 for each Foreign domain), Basics tab: Dest server: pick a descriptive name, not used (I put in virtualOutlook.com). Destination domain: fill in the destination domain as filled in in the Foreign SMTP Domain doc, so outlook-com.olc.protection.outlook.com. SMTP relay host is empty. On the Replication tab, disable Replication. The rest of the fields I did not touch. Did
load updall names
and
tell router update config
and sent a test message which went through.

HCL is on the ball, they are actively following up and now inspecting my uploaded logs.

Great to have active support!