With our Exchange 2016 we can send and receive emails (internal and external). But for some providers we got blacklisted. We have tried several tools for SMTP checks and there seems to be a Certificate mismatch.
https://ssl-tools.net/ claims that there is no certificate for mail.domain.de, although we have installed and enabled the respective certificate in Exchange.
We can see 3 certificates in ECP: 1st: our own (domain.de) that is assigned to iis, smtp, pop, and IMAP, 2nd: Microsoft Exchange Server Auth Certificate, also assigned to SMTP and WMSVC-SHA2 assigned to none.
We have also Configured the TLS Certificate Name for Exchange Server Client/Default Frontend but this did not help.
https://mxtoolbox.com reports that the "Reverse DNS does not match SMTP Banner". The report is the following:
220 mail.domain.de [212 ms]
EHLO keeper-us-east-1b.mxtoolbox.com
250-[FQDN of Exchange server] Hello [Internal Firewall IP]
We had corrected the 220 response but where can we change the 250 that is sharing internal information?
Any help would be appreciated!