jim_feeney
asked on
host unreachable - undeliverable email
We cannot send email to certain domains. After approximately a day the following error is returned:
your message did not reach some or all of the intended recipients.
The following recipient(s) could not be reached:
'client@domain.com' on 5/22/2003 9:47 PM
The recipient was unavailable to take delivery of the message
The MTS-ID of the original message is: c=US;a= ; p=exorg;I=LIEBER-S1-030520
MSEXCH:IMS:exorg:exsiteLIE
I did not want to post the recipient's address, so please be aware the above is a dummy address. The address is correct since we can send from aol or hotmail, just not from our exchange server. Our server is not listed at osirusoft or elsewhere for open relay. This has been a problem for a long time, so it is not an intermittent hardware failure. I am not aware of any configuration changes since the problem started. I am able to ping the address and domain of the client in a command window. I talked to our ISP and they said our reverse lookup was o.k. I have seen this problem posted elsewhere (no solutions) so I know we are not the only ones having it.
Lastly; one curious clue in the message is the reference to LIEBER-S1. That is name of our server. Our domain is liebercooper.com
I don't know why the server name would be returned in the error message. Thanks; in advance; for your help
Jim
your message did not reach some or all of the intended recipients.
The following recipient(s) could not be reached:
'client@domain.com' on 5/22/2003 9:47 PM
The recipient was unavailable to take delivery of the message
The MTS-ID of the original message is: c=US;a= ; p=exorg;I=LIEBER-S1-030520
MSEXCH:IMS:exorg:exsiteLIE
I did not want to post the recipient's address, so please be aware the above is a dummy address. The address is correct since we can send from aol or hotmail, just not from our exchange server. Our server is not listed at osirusoft or elsewhere for open relay. This has been a problem for a long time, so it is not an intermittent hardware failure. I am not aware of any configuration changes since the problem started. I am able to ping the address and domain of the client in a command window. I talked to our ISP and they said our reverse lookup was o.k. I have seen this problem posted elsewhere (no solutions) so I know we are not the only ones having it.
Lastly; one curious clue in the message is the reference to LIEBER-S1. That is name of our server. Our domain is liebercooper.com
I don't know why the server name would be returned in the error message. Thanks; in advance; for your help
Jim
Can you telnet directly to their server on port 25, and send a txt email in that fashion?
D
D
"Host unreachable" says it all, it appears your exchange server cannot make an SMTP connection to the server it believes is responsible for that domains mail.
1. Log on to the exchange server and bring up a command prompt
2. type in nslookup and hit enter
3. type in "set type=mx" and hit enter
4. type in the domain name you're trying to deliver to and hit enter
5. copy the result out to notepad or write it down (may look somethign like smtp.domain.com)
6. type exit and hit enter
7. type telnet <name you got from step 5> 25 (i.e. "telnet smtp.domain.com 25)
8. you should get a connection (if you do just type quit to get out)
if it times out that means your exchange server cannot make an SMTP connection to that server. If that is the case post back here with the responses you got back from the above test.
1. Log on to the exchange server and bring up a command prompt
2. type in nslookup and hit enter
3. type in "set type=mx" and hit enter
4. type in the domain name you're trying to deliver to and hit enter
5. copy the result out to notepad or write it down (may look somethign like smtp.domain.com)
6. type exit and hit enter
7. type telnet <name you got from step 5> 25 (i.e. "telnet smtp.domain.com 25)
8. you should get a connection (if you do just type quit to get out)
if it times out that means your exchange server cannot make an SMTP connection to that server. If that is the case post back here with the responses you got back from the above test.
ASKER
Thanks so much for your assistance everyone. Based on your advice here's what I discovered:
Bembi: I am not aware of a second email about the rejection. I don't think the target system ever get's anything from us and hence we have no reply. I did a tracert as you recommended, and it was able to do a complete trace in 14 hops.
Kidego: I am guessing the steps described by subsoniq are telnetting their server as you suggest. Read on for findings
Subsoniq: Thanks for the step by step instructions. They were most helpful. Here's what happened:
nslookup
DNS request timed out.
timeout was 2 seconds
*** Can't find server name for address 38.9.213.2 Timed out
*** Default servers are not available
Default Server: UnKnown
Address: 38.9.213.2
> set type=mx
> pjjlaw.com
Server: UnKnown
Address: 38.9.213.2
DNS request timed out.
timeout was 2 seconds
DNS request timed out.
timeout was 2 seconds
*** Request to UnKnown timed-out
> exit
After this I typed "telnet smtp.pjjlaw.com 25" and the telnet screen opened and I got the error:
572 relay not authorized
connection to host lost
I greatly appreciate everyone's help. I only work here a couple days a week, so please bear with my spotty troubleshooting schedule. I am dedicated to getting this resolved, and look forward to your response.
Thanks again
Jim
Bembi: I am not aware of a second email about the rejection. I don't think the target system ever get's anything from us and hence we have no reply. I did a tracert as you recommended, and it was able to do a complete trace in 14 hops.
Kidego: I am guessing the steps described by subsoniq are telnetting their server as you suggest. Read on for findings
Subsoniq: Thanks for the step by step instructions. They were most helpful. Here's what happened:
nslookup
DNS request timed out.
timeout was 2 seconds
*** Can't find server name for address 38.9.213.2 Timed out
*** Default servers are not available
Default Server: UnKnown
Address: 38.9.213.2
> set type=mx
> pjjlaw.com
Server: UnKnown
Address: 38.9.213.2
DNS request timed out.
timeout was 2 seconds
DNS request timed out.
timeout was 2 seconds
*** Request to UnKnown timed-out
> exit
After this I typed "telnet smtp.pjjlaw.com 25" and the telnet screen opened and I got the error:
572 relay not authorized
connection to host lost
I greatly appreciate everyone's help. I only work here a couple days a week, so please bear with my spotty troubleshooting schedule. I am dedicated to getting this resolved, and look forward to your response.
Thanks again
Jim
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Set up your own DNS server and point all your clients and the server to use this DNS.
Setup a forward zone with your domain name
Setup a reverse zone
Start the DNS MMC
Go to your forward zone
Delete the root zone (.) in your forward zone
Click the properties of the server
Go to the tabs forwarder
Add there at least one DNS server (usually the DNS of your ISP)
Restart DNS Server
The tab forwarder is only available, if this server is not a root server, therfore you have to delete the root zone first.
Another option is to configure the (external) DNS server within the virtual SMTP server. On the last tab (enhanced), you have a button to do this "configure external DNS server" or something similar.
Setup a forward zone with your domain name
Setup a reverse zone
Start the DNS MMC
Go to your forward zone
Delete the root zone (.) in your forward zone
Click the properties of the server
Go to the tabs forwarder
Add there at least one DNS server (usually the DNS of your ISP)
Restart DNS Server
The tab forwarder is only available, if this server is not a root server, therfore you have to delete the root zone first.
Another option is to configure the (external) DNS server within the virtual SMTP server. On the last tab (enhanced), you have a button to do this "configure external DNS server" or something similar.
ASKER
Hi everyone
Thanks again for you assistance. I have read your comments and here's what I have discovered:
I called PSInet/Cogent and they gave me new ip addresses for our DNS servers. I put these in the tcp/ip properties tab for our server. Once I had done this I could get results from an nslookup something like this:
pjjlaw.com
Server: res1.dns.cogentco.com
Address: 66.28.0.45
Non authoritative answer:
pjjlaw.com MX preference=50, mail exchanger-mail-fwd.sbc-web
pjjlaw.com nameserver-ns26b.sbc-webho
pjjlaw.com nameserver-ns26a.sbc-webho
mail-fwd.sbc-webhosting.co
mail-fwd.sbc-webhosting.co
mail-fwd.sbc-webhosting.co
mail-fwd.sbc-webhosting.co
I'm guessing this means we now had the proper name server in place. When I sent new test mail, it would still lay around in the outbound queue with the "host unreachable" message. In exchange, I went in to the connections tab and unchecked the button "use DNS" and changed it to "forward all messages to" with the address "relay.smtp.psi.net"
I sent another test mail, and it, and the one stuck in the queue, both were sent without incident. I'm going to wait a day before I pronounce the problem fixed, but things are looking much much better. Please let me know if you see any potential problems with the configuration changes we made.
As always; I greatly appreciate the help.
Thanks
Jim
Thanks again for you assistance. I have read your comments and here's what I have discovered:
I called PSInet/Cogent and they gave me new ip addresses for our DNS servers. I put these in the tcp/ip properties tab for our server. Once I had done this I could get results from an nslookup something like this:
pjjlaw.com
Server: res1.dns.cogentco.com
Address: 66.28.0.45
Non authoritative answer:
pjjlaw.com MX preference=50, mail exchanger-mail-fwd.sbc-web
pjjlaw.com nameserver-ns26b.sbc-webho
pjjlaw.com nameserver-ns26a.sbc-webho
mail-fwd.sbc-webhosting.co
mail-fwd.sbc-webhosting.co
mail-fwd.sbc-webhosting.co
mail-fwd.sbc-webhosting.co
I'm guessing this means we now had the proper name server in place. When I sent new test mail, it would still lay around in the outbound queue with the "host unreachable" message. In exchange, I went in to the connections tab and unchecked the button "use DNS" and changed it to "forward all messages to" with the address "relay.smtp.psi.net"
I sent another test mail, and it, and the one stuck in the queue, both were sent without incident. I'm going to wait a day before I pronounce the problem fixed, but things are looking much much better. Please let me know if you see any potential problems with the configuration changes we made.
As always; I greatly appreciate the help.
Thanks
Jim
So, as you have checked out, your problem is already, that the name resolution for exchange (=DNS) is still not working. Of course, you can forward all mails to a smarthost, nevertheless, other services may have a similar problem. If you point your server to use external DNS servers, without having a own internal DNS, your server may forward DNS queries to your ISP, independend from if they are internal or external. This may work with NT4 and a working WINS Server, but as far as you use OS, which are using DNS by default (W2K / XP), you may get problems, because your ISP can not resolve your internal addresses. You havn't said something about your OS and EX Version, so it may, but not need affecting your system. But keep this in mind for future changes.
ASKER
Thanks subsoniq. I greatly appreciate your help in solving this tricky problem. The step-by-step instructions were great and I am happy to report the problem is fixed. Thanks everyone for your help.
Jim
Jim
As you get a host unreachable message, (which comes from your server) it may be, that your server can not get a route to this server or the server is busy or the connection timed out or the server or a gateway rejects your mails. The mail will be kept in the message queue, your server can resolve the target system, but can not connect. Therfore the server retries several times to connect to the target system until your configured (or the default) timeout occures. If that happend, you get the NDR.
Try a tracert agains the destination server.
Have a look at your SMTP Log file, may be that your mail is rejected for any reasons. Esp. AOL has allways new ideas, how to confuse postmasters by blocking mail servers for any reasons. The last joke from AOL is only a few weeks ago. So, try to find out, if there is any rule which may have all rejected mails together.
See:
http://support.microsoft.com/default.aspx?scid=kb;en-us;182557