Email to an email account with a subdomain is not being delivered from outside the private network

I am trying to set up a mailbox that can receive email directed to any whateverxyz(at)code.go-redrock.com address (i.e. foo(at)code.go-redrock.com and bar(at)code.go-redrock.com should both be directed to the same mailbox).

(For future reference, 'Intended Address' refers to foo(at)code.go-redrock.com)

With GoDaddy, I set an MX record for code.go-redrock.com as well as an MX record for mail.code.go-redrock.com, which both point to mail.code.go-redrock.com, set as an A record pointing to the IP of our mail filter. (We also have an A record of code.go-redrock.com which points to the IP address of the server hosting the website code.go-redrock.com, which is why I set up mail.code.go-redrock.com - I thought it might be better if the MX record name matches the A record name.)

In Exchange 2019, I added code.go-redrock.com as an accepted domain, 'Internal relay' type. (go-redrock.com already exists as an Authoritative domain.)

I set up an Exchange 2019 user/mailbox, foo(at)go-redrock.com, with email address policy creating the 'Intended Address' as well, for that account. I set up a transport rule to redirect any email addressed to domain 'code.go-redrock.com' to be delivered to the foo(at)go-redrock.com mailbox.

From within our private network, using Exchange OWA, telnet, or Thunderbird client on my Ubuntu machine, sending an email to Intended Address does successfully get delivered. Sending an email to whateverxyz(at)code.go-redrock.com does successfully get delivered, so the transport rule works fine.

However, trying to send an email from outside our network (i.e. from my personal Gmail and Yahoo accounts from my phone, not connected to our private network), to the Intended Address, I get an Undeliverable response. (Emailing to foo(at)go-redrock.com from Gmail and Yahoo DOES work, but for some reason the 'code' subdomain address, foo(at)code.go-redrock.com fails, even though both addresses belong to the same mailbox.)

Undeliverable response: "Address not found Your message wasn't delivered to "Intended Address" because the address couldn't be found, or is unable to receive mail. The response from the remote server was: 550 5.1.1 <"Intended Address">: Recipient address rejected: undeliverable address: No user at this address"

There are no records in our mail filter logs showing any external emails trying to go to foo(at)code.go-redrock.com.

Thanks for sharing your time to provide any tips/suggestions/answers! -Everett

Test result from Microsoft Remote Connectivity Analyzer:

Testing inbound SMTP mail flow for domain 'foo(at)code.go-redrock.com'.
The Microsoft Connectivity Analyzer failed to test inbound SMTP mail flow.

 Test Steps

 Attempting to retrieve DNS MX records for domain 'code.go-redrock.com'.
 One or more MX records were successfully retrieved from DNS.
 MX Records Host mail.code.go-redrock.com, Preference 10

 Testing Mail Exchanger mail.code.go-redrock.com.
 One or more SMTP tests failed for this Mail Exchanger.

  Test Steps

   Attempting to resolve the host name mail.code.go-redrock.com in DNS.
   The host name resolved successfully.

   Testing TCP port 25 on host mail.code.go-redrock.com to ensure it's listening and open.
   The port was opened successfully.

   Analyzing SMTP Capabilities for server mail.code.go-redrock.com:25
   SMTP Capabilities were analyzed successfuly.

   Attempting to send a test email message to foo(at)code.go-redrock.com using MX mail.code.go-redrock.com.
    Delivery of the test email message failed.
     Additional Details
     The server returned status code 550 - Mailbox unavailable. The server response was: 5.1.1 <foo(at)code.go-redrock.com>: Recipient address rejected: undeliverable address: No user at this address
     Exception details:
     Message: Mailbox unavailable. The server response was: 5.1.1 <foo(at)code.go-redrock.com>: Recipient address rejected: undeliverable address: No user at this address
     Type: System.Net.Mail.SmtpFailedRecipientException
     Stack trace:
     at System.Net.Mail.SmtpTransport.SendMail(MailAddress sender, MailAddressCollection recipients, String deliveryNotify, Boolean allowUnicode, SmtpFailedRecipientException& exception)
     at System.Net.Mail.SmtpClient.Send(MailMessage message)
     at Microsoft.M365.RCA.ConnectivityTests.SmtpMessageTest.PerformTestReally()

Would you test code.go-redrock.com in MxToolbox and test foo(at)code.go-redrock.com in EXRCA?

Also, go to EAC > Recipients > Mailbox, double-click the mailbox "foo(at)go-redrock.com" > Mailbox features > Message Delivery Restrictions. Is the option "Require that all senders are authenticated" ticked?

Besides, does the inbound mailbox flow work correctly for your Authoritative domain?

Would you mind pointing the A records directly to your Exchange server IP to bypass the filter, and testing whether you get the same results?
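
The hop-by-hop comparison suggested above can also be done without changing DNS. The following is an added example, not code from the thread or from any poster: it issues the same RCPT TO check against the mail filter and the Exchange server separately and reports which hop returns the 550 5.1.1. The host names, sender and recipient are hypothetical placeholders, and the Exchange probe assumes it is run from a host that the receive connector accepts connections from.

```python
import re
import smtplib

# Enhanced status code (RFC 3463) at the start of the reply text, e.g. "5.1.1".
ENHANCED = re.compile(r"^([245]\.\d{1,3}\.\d{1,3})\s+(.*)$", re.S)

def parse_reply(code, message):
    """Split an SMTP reply into basic code, enhanced code, text and verdict."""
    text = message.decode("utf-8", "replace") if isinstance(message, bytes) else message
    m = ENHANCED.match(text.strip())
    enhanced, detail = (m.group(1), m.group(2)) if m else (None, text.strip())
    if 200 <= code < 300:
        verdict = "accepted"
    elif 400 <= code < 500:
        verdict = "deferred"
    else:  # code 0 is used below for "could not connect"
        verdict = "rejected" if code >= 500 else "unreachable"
    return {"code": code, "enhanced": enhanced, "text": detail, "verdict": verdict}

def probe(host, recipient, sender="postmaster@example.org", port=25, timeout=15):
    """EHLO / MAIL FROM / RCPT TO against one hop, then RSET; no message is sent."""
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.ehlo()
        code, msg = smtp.mail(sender)
        if code >= 400:
            return parse_reply(code, msg)
        reply = parse_reply(*smtp.rcpt(recipient))
        smtp.rset()
        return reply

def first_failing_hop(results):
    """Return the first hop (outermost first) that did not accept the recipient."""
    for hop, reply in results:
        if reply["verdict"] != "accepted":
            return hop
    return None

if __name__ == "__main__":
    # Hypothetical placeholders: substitute your filter, Exchange host and address.
    hops = [("filter", "mail-filter.example.com"), ("exchange", "exchange.example.com")]
    rcpt = "foo@code.example.com"
    results = []
    for name, host in hops:
        try:
            results.append((name, probe(host, rcpt)))
        except OSError as exc:  # smtplib exceptions derive from OSError
            results.append((name, parse_reply(0, f"connection failed: {exc}")))
        print(name, results[-1][1])
    print("first failing hop:", first_failing_hop(results))
```

If the filter hop rejects while the Exchange hop accepts the same recipient, the 550 originates at the filter's recipient check and the message never reaches Exchange.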