JYLWest
asked on
SmallBusinessServer2003 SMTP connector is not sending mail out
HI, i have a smtp problem, running SBS2003 with Exchange 2003. 3 month old server installation, used to run fine now stopped sending mail. Mail stuck in SMTP connector. If i force mail it delivers 1or 2. I tried nslookup option
nslookup
set q=mx
remoteDomain.com
and it resolves to the domains. i use Viper and Ninja as AV/AS and this does not seem to be the problem. Any ideas?
nslookup
set q=mx
remoteDomain.com
and it resolves to the domains. i use Viper and Ninja as AV/AS and this does not seem to be the problem. Any ideas?
6) One more thing at the end...
do
telnet maila.microsoft.com 25
ehlo
now when you do this it wil give you one connecting ip next to it... what is it ?
Please answer my Questions and the action plans Point wise....
It will be easy for me..
;-)
do
telnet maila.microsoft.com 25
ehlo
now when you do this it wil give you one connecting ip next to it... what is it ?
Please answer my Questions and the action plans Point wise....
It will be easy for me..
;-)
ASKER
1) is this for all the external domains or certain domains you are not able to send mails out?
--- it seems to be for certain domains only.
2) Do you have a smart host configured on the Default smtp virtual server or the smtp connector?
--- i have a smart host configured on both
3) You said you get the MX fine.. try to do telnet to the mx / ip of any of the domain and let me know what banner do you get...
if i telnet to pfeiffer-armaturen.com i get 220 ns4.omg.de esmtp postfix
4) go to properties of your default smtp virtual server--. general tab--> at the bottom enable logging--> chick the drop down and select NCSA Logging...
---done
5) restart the smtp service
---done
6) do / telnet maila.microsoft.com 25 / ehlo
---165.145.66.97
Thansk for the help, however it seems to be pushing the mail out fine, now, but I think the checking is still worth it.
--- it seems to be for certain domains only.
2) Do you have a smart host configured on the Default smtp virtual server or the smtp connector?
--- i have a smart host configured on both
3) You said you get the MX fine.. try to do telnet to the mx / ip of any of the domain and let me know what banner do you get...
if i telnet to pfeiffer-armaturen.com i get 220 ns4.omg.de esmtp postfix
4) go to properties of your default smtp virtual server--. general tab--> at the bottom enable logging--> chick the drop down and select NCSA Logging...
---done
5) restart the smtp service
---done
6) do / telnet maila.microsoft.com 25 / ehlo
---165.145.66.97
Thansk for the help, however it seems to be pushing the mail out fine, now, but I think the checking is still worth it.
Ok great.. i got the resolution for your Issue... You are Blackilsted by some RBLS.. coz of some reason..
go to
http://www.mxtoolbox.com/blacklists.aspx
and put in 165.145.66.97
you will see all those who blacklisted you..
+> Now they have blacklisted may be coz of following reason :
1. You are open for relay
2. you are spamming out ...
3. enable all the spam filtering on the exchagne server...and configure them properly...
After enabling the smap filters on the exchagne server... >>>contact them and get your IP white listed
Let me know if you want help configuring spam filtering....
-x
go to
http://www.mxtoolbox.com/blacklists.aspx
and put in 165.145.66.97
you will see all those who blacklisted you..
+> Now they have blacklisted may be coz of following reason :
1. You are open for relay
2. you are spamming out ...
3. enable all the spam filtering on the exchagne server...and configure them properly...
After enabling the smap filters on the exchagne server... >>>contact them and get your IP white listed
Let me know if you want help configuring spam filtering....
-x
ASKER
please give me some guidance on the spam filtering, will this be on the exchange server itself or with 3rd party software?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
check if the server is open for relay. properties of Default smtp virtual server ->access tab--> relay
you should have the first option selected there.
you should have the first option selected there.
ASKER
hi there, x-sam,
I have done the above and am checking the queues. I will keep you posted, but it looks good. However I still have problems with getting my self whitelisted from SORBS. It looks like it could be an ISP related issue as it states IP range 165.145.0.0., this is my error on sorbs:
Netblock: 165.145.0.0/16 (165.145.0.0-165.145.255.2 55)
Record Created: Tue Feb 6 09:05:10 2007 GMT
Record Updated: Tue Feb 6 09:05:10 2007 GMT
Additional Information: [[#143815] Locally Supplied list (06/02/2007)] Dynamic/Generic IP/rDNS address, use your ISPs mail server or get rDNS set to indicate static assignment.
don't know if you know if anything special I can try.
I have done the above and am checking the queues. I will keep you posted, but it looks good. However I still have problems with getting my self whitelisted from SORBS. It looks like it could be an ISP related issue as it states IP range 165.145.0.0., this is my error on sorbs:
Netblock: 165.145.0.0/16 (165.145.0.0-165.145.255.2
Record Created: Tue Feb 6 09:05:10 2007 GMT
Record Updated: Tue Feb 6 09:05:10 2007 GMT
Additional Information: [[#143815] Locally Supplied list (06/02/2007)] Dynamic/Generic IP/rDNS address, use your ISPs mail server or get rDNS set to indicate static assignment.
don't know if you know if anything special I can try.
IP range 165.145.0.0.. is this yours.... well Those RBLS who have blocked you can only whitelist you..
or else what you can do is... change your connecting ip.. and that will fix the issue.. now that you have enabled all the filterings i am sure you will never face any spam issues.. trust me ;-)
-x
or else what you can do is... change your connecting ip.. and that will fix the issue.. now that you have enabled all the filterings i am sure you will never face any spam issues.. trust me ;-)
-x
ASKER
Hey there, I have chekced the queuees now and I have found that all users except 1's email is going out. This is very strange. I dumped all mail in the queuee and asked them to send tes mails, i.e. gmail and some other domains, local and international. All 3 mails sit in the queuee! This user is also the only Vista user, though I cannot see if that's got to do with anything? We've upgraded all users to Office 2007. I am actually at a loss here. i am thinking of trying to use another smart host, but am not sure if this will make a differnace, as most of the mail is going out. Any ideas?
Yes you can change the smarthost... Buttttt... at the end of the day... it will be the connecting ip which will make the difference... your conencting ip is blocked at their ena.. contact them and get it white listed...
do these tasks :
1.
go to command prompt...
nslookup
set q=mx
gmail.com
--> does this give you the Mx record of gmail ?
now
telnet to the ip / mx of gmail on port 25
what banner do you get? or does it drop the connection ?
2.
open exchange sys manager/// go to default smtp virtual server // under general tab // click on Enable logging // and select NCSA Log format..
-> restart smtp service...
-> try sending some email...
now... go to start-- run -- type logfiles...
take the log file and paste it here.............
i will show you whats happenning...
-x
do these tasks :
1.
go to command prompt...
nslookup
set q=mx
gmail.com
--> does this give you the Mx record of gmail ?
now
telnet to the ip / mx of gmail on port 25
what banner do you get? or does it drop the connection ?
2.
open exchange sys manager/// go to default smtp virtual server // under general tab // click on Enable logging // and select NCSA Log format..
-> restart smtp service...
-> try sending some email...
now... go to start-- run -- type logfiles...
take the log file and paste it here.............
i will show you whats happenning...
-x
ASKER
hi,
1) i get 3 ip's for gmail, but cannot telnet to any of them - so no banner, i can however telnet to maila.microsoft.com - i get:
220 mail04.microsoft.com Microsoft ESMTP MAIL Service ready at Fri, 20 Feb 2009
03:37:53 -0800
ehlo
250-mail04.microsoft.com Hello [165.145.120.1]
250-SIZE 10485760
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-AUTH
250-8BITMIME
250-BINARYMIME
250 CHUNKING
2)122.162.142.81 - abts-north-dynamic-081.142 .162.122.a irtelbroad band.in [20/Feb/2009:13:24:33 +0200] "EHLO -? abts-north-dynamic-081.142 .162.122.a irtelbroad band.in SMTP" 250 316
122.162.142.81 - abts-north-dynamic-081.142 .162.122.a irtelbroad band.in [20/Feb/2009:13:24:33 +0200] "MAIL -? FROM:<gnubbil@PastaPomodor o.fishbowl .com> SMTP" 250 59
122.162.142.81 - abts-north-dynamic-081.142 .162.122.a irtelbroad band.in [20/Feb/2009:13:24:40 +0200] "RCPT -? TO:<robg@monitor-samson.co .za> SMTP" 250 0
122.162.142.81 - abts-north-dynamic-081.142 .162.122.a irtelbroad band.in [20/Feb/2009:13:24:44 +0200] "DATA -?<MONITORpq666QwaGbdX0000 0004@monit or.samsons a.local> SMTP" 250 135
122.162.142.81 - abts-north-dynamic-081.142 .162.122.a irtelbroad band.in [20/Feb/2009:13:24:45 +0200] "QUIT -?abts-north-dynamic-081.1 42.162.122 .airtelbro adband.in SMTP" 240 71
116.93.236.162 - ZEIYYDUN [20/Feb/2009:13:29:52 +0200] "EHLO -? ZEIYYDUN SMTP" 250 316
116.93.236.162 - SNWYBFKUKF [20/Feb/2009:13:30:13 +0200] "EHLO -? SNWYBFKUKF SMTP" 250 316
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:31:09 +0200] "EHLO -? [190.98.27.141] SMTP" 250 315
193.109.254.147 - mail27.messagelabs.com [20/Feb/2009:13:31:45 +0200] "HELO -? mail27.messagelabs.com SMTP" 250 52
209.85.218.164 - mail-bw0-f164.google.com [20/Feb/2009:13:31:46 +0200] "EHLO -? mail-bw0-f164.google.com SMTP" 250 316
116.93.236.162 - CCCUYYDW [20/Feb/2009:13:32:04 +0200] "EHLO -? CCCUYYDW SMTP" 250 316
202.152.237.116 - localhost [20/Feb/2009:13:32:07 +0200] "EHLO -? localhost SMTP" 250 317
116.93.236.162 - CCCUYYDW [20/Feb/2009:13:32:32 +0200] "MAIL -? FROM: <anesthetizee@crslawfirm.c om> SMTP" 250 52
209.85.218.164 - mail-bw0-f164.google.com [20/Feb/2009:13:32:32 +0200] "MAIL -? FROM:<puca.adamscarstens24 @gmail.com > SMTP" 250 55
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:32:32 +0200] "MAIL -? FROM:<linbeistermet@beiste r.de> SMTP" 250 49
193.109.254.147 - mail27.messagelabs.com [20/Feb/2009:13:32:32 +0200] "MAIL -? FROM:<u.vandenhengst@royal haskoning. com> SMTP" 250 58
116.93.236.162 - ZEIYYDUN [20/Feb/2009:13:32:32 +0200] "MAIL -? FROM: <anesthetizee@crslawfirm.c om> SMTP" 250 0
116.93.236.162 - ZEIYYDUN [20/Feb/2009:13:32:32 +0200] "QUIT -?ZEIYYDUN SMTP" 240 0
202.152.237.116 - localhost [20/Feb/2009:13:32:32 +0200] "MAIL -? FROM: <susannez@domainnews.com> SMTP" 250 48
116.93.236.162 - SNWYBFKUKF [20/Feb/2009:13:32:32 +0200] "MAIL -? FROM: <gazadb@mazziparisini.com> SMTP" 250 0
116.93.236.162 - SNWYBFKUKF [20/Feb/2009:13:32:32 +0200] "QUIT -?SNWYBFKUKF SMTP" 240 0
209.85.218.164 - mail-bw0-f164.google.com [20/Feb/2009:13:32:32 +0200] "RCPT -? TO:<SiraajM@monitor-samson .co.za> SMTP" 250 0
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:32:37 +0200] "RCPT -? TO: <pierre@monitor-samson.co. za> SMTP" 550 0
116.93.236.162 - CCCUYYDW [20/Feb/2009:13:32:37 +0200] "RCPT -? TO: <svenh@monitor-samson.co.z a> SMTP" 550 0
202.152.237.116 - localhost [20/Feb/2009:13:32:37 +0200] "RCPT -? TO: <steel@monitor-samson.co.z a> SMTP" 550 0
202.152.237.116 - localhost [20/Feb/2009:13:32:37 +0200] "QUIT -?localhost SMTP" 240 0
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:32:37 +0200] "DATA - SMTP" 503 0
116.93.236.162 - CCCUYYDW [20/Feb/2009:13:32:37 +0200] "DATA - SMTP" 503 0
193.109.254.147 - mail27.messagelabs.com [20/Feb/2009:13:32:38 +0200] "RCPT -? TO:<jochen@monitor-samson. co.za> SMTP" 250 0
193.109.254.147 - mail27.messagelabs.com [20/Feb/2009:13:32:42 +0200] "DATA -? <600DDAE5F9D3A741A270EA583 13E3F6E031 7B79F@dorl v102.corpo rateroot.n et> SMTP" 250 153
209.85.218.164 - mail-bw0-f164.google.com [20/Feb/2009:13:32:42 +0200] "DATA -? <889d1d810902200343v7bd907 48lfddc19d fa509bcea@ mail.gmail .com> SMTP" 250 145
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:32:42 +0200] "QUIT -?[190.98.27.141] SMTP" 240 30
193.109.254.147 - mail27.messagelabs.com [20/Feb/2009:13:32:43 +0200] "QUIT -?mail27.messagelabs.com SMTP" 240 71
83.8.185.185 - pjiye [20/Feb/2009:13:32:45 +0200] "EHLO -? pjiye SMTP" 250 314
83.8.185.185 - pjiye [20/Feb/2009:13:32:46 +0200] "MAIL -? FROM: <allaasley_ww@unidial.com> SMTP" 250 49
116.93.236.162 - CCCUYYDW [20/Feb/2009:13:32:47 +0200] "MAIL -? FROM: <godfathersfwg74@casademen diz.com> SMTP" 503 0
116.93.236.162 - CCCUYYDW [20/Feb/2009:13:32:47 +0200] "QUIT -?CCCUYYDW SMTP" 240 0
83.8.185.185 - pjiye [20/Feb/2009:13:32:56 +0200] "RCPT -? TO: <michelleh@monitor-instrum ents.co.za > SMTP" 550 0
83.8.185.185 - pjiye [20/Feb/2009:13:33:01 +0200] "RCPT -? TO: <ameliaj@monitor-instrumen ts.co.za> SMTP" 550 0
83.8.185.185 - pjiye [20/Feb/2009:13:33:06 +0200] "RCPT -? TO: <rfy@monitor-instruments.c o.za> SMTP" 550 0
83.8.185.185 - pjiye [20/Feb/2009:13:33:06 +0200] "RCPT -? TO: <krisk@monitor-instruments .co.za> SMTP" 250 0
83.8.185.185 - pjiye [20/Feb/2009:13:33:06 +0200] "RCPT -? TO: <bobbyb@monitor-instrument s.co.za> SMTP" 250 0
196.43.2.142 - OutboundConnectionResponse [20/Feb/2009:13:33:09 +0200] "- -?220 ctb-mesg-1-2.saix.net ESMTP Postfix SMTP" 0 39
196.43.2.142 - OutboundConnectionCommand [20/Feb/2009:13:33:09 +0200] "EHLO -?monitor.samsonsa.local SMTP" 0 4
196.43.2.142 - OutboundConnectionResponse [20/Feb/2009:13:33:09 +0200] "- -?250-ctb-mesg-1-2.saix.ne t SMTP" 0 25
196.43.2.142 - OutboundConnectionCommand [20/Feb/2009:13:33:09 +0200] "MAIL -?FROM:<JWest@monitor-sams on.co.za> SIZE=1293 SMTP" 0 4
196.43.2.142 - OutboundConnectionResponse [20/Feb/2009:13:33:09 +0200] "- -?250 2.1.0 Ok SMTP" 0 12
196.43.2.142 - OutboundConnectionCommand [20/Feb/2009:13:33:09 +0200] "RCPT -?TO:<alastair.bovim@strat osglobal.c om> SMTP" 0 4
196.43.2.142 - OutboundConnectionCommand [20/Feb/2009:13:33:09 +0200] "RCPT -?TO:<jwest@jaluti.com> SMTP" 0 4
196.43.2.142 - OutboundConnectionResponse [20/Feb/2009:13:33:10 +0200] "- -?250 2.1.5 Ok SMTP" 0 12
83.8.185.185 - pjiye [20/Feb/2009:13:33:11 +0200] "RCPT -? TO: <pvbu@monitor-instruments. co.za> SMTP" 550 0
83.8.185.185 - pjiye [20/Feb/2009:13:33:11 +0200] "RCPT -? TO: <sales@monitor-instruments .co.za> SMTP" 250 0
83.8.185.185 - pjiye [20/Feb/2009:13:33:11 +0200] "RCPT -? TO: <andren@monitor-instrument s.co.za> SMTP" 250 0
209.85.218.164 - mail-bw0-f164.google.com [20/Feb/2009:13:33:13 +0200] "QUIT -?mail-bw0-f164.google.com SMTP" 240 71
83.8.185.185 - pjiye [20/Feb/2009:13:33:16 +0200] "RCPT -? TO: <cgvirm@monitor-instrument s.co.za> SMTP" 550 0
115.73.232.232 - adsl.viettel.vn [20/Feb/2009:13:33:39 +0200] "EHLO -? adsl.viettel.vn SMTP" 250 316
115.73.232.232 - adsl.viettel.vn [20/Feb/2009:13:33:40 +0200] "MAIL -? FROM: <loiren2@vladvisors.com> SMTP" 250 47
83.8.185.185 - pjiye [20/Feb/2009:13:33:44 +0200] "QUIT -?pjiye SMTP" 240 46
115.73.232.232 - adsl.viettel.vn [20/Feb/2009:13:33:45 +0200] "RCPT -? TO: <svenh@monitor-samson.co.z a> SMTP" 550 0
189.104.169.107 - ywmmc [20/Feb/2009:13:33:47 +0200] "EHLO -? ywmmc SMTP" 250 317
189.104.169.107 - ywmmc [20/Feb/2009:13:33:48 +0200] "MAIL -? FROM: <jamila_kristian_dx@pacifi cnet.net> SMTP" 250 58
115.73.232.232 - adsl.viettel.vn [20/Feb/2009:13:33:50 +0200] "RCPT -? TO: <michelleh@monitor-instrum ents.co.za > SMTP" 550 0
189.104.169.107 - ywmmc [20/Feb/2009:13:33:53 +0200] "RCPT -? TO: <michelleh@monitor-instrum ents.co.za > SMTP" 550 0
189.104.169.107 - ywmmc [20/Feb/2009:13:33:53 +0200] "QUIT -?ywmmc SMTP" 240 0
115.73.232.232 - adsl.viettel.vn [20/Feb/2009:13:33:55 +0200] "RCPT -? TO: <rfy@monitor-instruments.c o.za> SMTP" 550 0
115.73.232.232 - adsl.viettel.vn [20/Feb/2009:13:33:55 +0200] "DATA - SMTP" 503 0
115.73.232.232 - adsl.viettel.vn [20/Feb/2009:13:34:00 +0200] "QUIT -?adsl.viettel.vn SMTP" 240 30
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:34:50 +0200] "EHLO -? [190.98.27.141] SMTP" 250 315
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:34:51 +0200] "MAIL -? FROM:<linsuhwmet@suhw.de> SMTP" 250 43
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:34:56 +0200] "RCPT -? TO: <pierre@monitor-samson.co. za> SMTP" 550 0
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:34:56 +0200] "DATA - SMTP" 503 0
1) i get 3 ip's for gmail, but cannot telnet to any of them - so no banner, i can however telnet to maila.microsoft.com - i get:
220 mail04.microsoft.com Microsoft ESMTP MAIL Service ready at Fri, 20 Feb 2009
03:37:53 -0800
ehlo
250-mail04.microsoft.com Hello [165.145.120.1]
250-SIZE 10485760
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-AUTH
250-8BITMIME
250-BINARYMIME
250 CHUNKING
2)122.162.142.81 - abts-north-dynamic-081.142
122.162.142.81 - abts-north-dynamic-081.142
122.162.142.81 - abts-north-dynamic-081.142
122.162.142.81 - abts-north-dynamic-081.142
122.162.142.81 - abts-north-dynamic-081.142
116.93.236.162 - ZEIYYDUN [20/Feb/2009:13:29:52 +0200] "EHLO -? ZEIYYDUN SMTP" 250 316
116.93.236.162 - SNWYBFKUKF [20/Feb/2009:13:30:13 +0200] "EHLO -? SNWYBFKUKF SMTP" 250 316
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:31:09 +0200] "EHLO -? [190.98.27.141] SMTP" 250 315
193.109.254.147 - mail27.messagelabs.com [20/Feb/2009:13:31:45 +0200] "HELO -? mail27.messagelabs.com SMTP" 250 52
209.85.218.164 - mail-bw0-f164.google.com [20/Feb/2009:13:31:46 +0200] "EHLO -? mail-bw0-f164.google.com SMTP" 250 316
116.93.236.162 - CCCUYYDW [20/Feb/2009:13:32:04 +0200] "EHLO -? CCCUYYDW SMTP" 250 316
202.152.237.116 - localhost [20/Feb/2009:13:32:07 +0200] "EHLO -? localhost SMTP" 250 317
116.93.236.162 - CCCUYYDW [20/Feb/2009:13:32:32 +0200] "MAIL -? FROM: <anesthetizee@crslawfirm.c
209.85.218.164 - mail-bw0-f164.google.com [20/Feb/2009:13:32:32 +0200] "MAIL -? FROM:<puca.adamscarstens24
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:32:32 +0200] "MAIL -? FROM:<linbeistermet@beiste
193.109.254.147 - mail27.messagelabs.com [20/Feb/2009:13:32:32 +0200] "MAIL -? FROM:<u.vandenhengst@royal
116.93.236.162 - ZEIYYDUN [20/Feb/2009:13:32:32 +0200] "MAIL -? FROM: <anesthetizee@crslawfirm.c
116.93.236.162 - ZEIYYDUN [20/Feb/2009:13:32:32 +0200] "QUIT -?ZEIYYDUN SMTP" 240 0
202.152.237.116 - localhost [20/Feb/2009:13:32:32 +0200] "MAIL -? FROM: <susannez@domainnews.com> SMTP" 250 48
116.93.236.162 - SNWYBFKUKF [20/Feb/2009:13:32:32 +0200] "MAIL -? FROM: <gazadb@mazziparisini.com>
116.93.236.162 - SNWYBFKUKF [20/Feb/2009:13:32:32 +0200] "QUIT -?SNWYBFKUKF SMTP" 240 0
209.85.218.164 - mail-bw0-f164.google.com [20/Feb/2009:13:32:32 +0200] "RCPT -? TO:<SiraajM@monitor-samson
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:32:37 +0200] "RCPT -? TO: <pierre@monitor-samson.co.
116.93.236.162 - CCCUYYDW [20/Feb/2009:13:32:37 +0200] "RCPT -? TO: <svenh@monitor-samson.co.z
202.152.237.116 - localhost [20/Feb/2009:13:32:37 +0200] "RCPT -? TO: <steel@monitor-samson.co.z
202.152.237.116 - localhost [20/Feb/2009:13:32:37 +0200] "QUIT -?localhost SMTP" 240 0
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:32:37 +0200] "DATA - SMTP" 503 0
116.93.236.162 - CCCUYYDW [20/Feb/2009:13:32:37 +0200] "DATA - SMTP" 503 0
193.109.254.147 - mail27.messagelabs.com [20/Feb/2009:13:32:38 +0200] "RCPT -? TO:<jochen@monitor-samson.
193.109.254.147 - mail27.messagelabs.com [20/Feb/2009:13:32:42 +0200] "DATA -? <600DDAE5F9D3A741A270EA583
209.85.218.164 - mail-bw0-f164.google.com [20/Feb/2009:13:32:42 +0200] "DATA -? <889d1d810902200343v7bd907
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:32:42 +0200] "QUIT -?[190.98.27.141] SMTP" 240 30
193.109.254.147 - mail27.messagelabs.com [20/Feb/2009:13:32:43 +0200] "QUIT -?mail27.messagelabs.com SMTP" 240 71
83.8.185.185 - pjiye [20/Feb/2009:13:32:45 +0200] "EHLO -? pjiye SMTP" 250 314
83.8.185.185 - pjiye [20/Feb/2009:13:32:46 +0200] "MAIL -? FROM: <allaasley_ww@unidial.com>
116.93.236.162 - CCCUYYDW [20/Feb/2009:13:32:47 +0200] "MAIL -? FROM: <godfathersfwg74@casademen
116.93.236.162 - CCCUYYDW [20/Feb/2009:13:32:47 +0200] "QUIT -?CCCUYYDW SMTP" 240 0
83.8.185.185 - pjiye [20/Feb/2009:13:32:56 +0200] "RCPT -? TO: <michelleh@monitor-instrum
83.8.185.185 - pjiye [20/Feb/2009:13:33:01 +0200] "RCPT -? TO: <ameliaj@monitor-instrumen
83.8.185.185 - pjiye [20/Feb/2009:13:33:06 +0200] "RCPT -? TO: <rfy@monitor-instruments.c
83.8.185.185 - pjiye [20/Feb/2009:13:33:06 +0200] "RCPT -? TO: <krisk@monitor-instruments
83.8.185.185 - pjiye [20/Feb/2009:13:33:06 +0200] "RCPT -? TO: <bobbyb@monitor-instrument
196.43.2.142 - OutboundConnectionResponse
196.43.2.142 - OutboundConnectionCommand [20/Feb/2009:13:33:09 +0200] "EHLO -?monitor.samsonsa.local SMTP" 0 4
196.43.2.142 - OutboundConnectionResponse
196.43.2.142 - OutboundConnectionCommand [20/Feb/2009:13:33:09 +0200] "MAIL -?FROM:<JWest@monitor-sams
196.43.2.142 - OutboundConnectionResponse
196.43.2.142 - OutboundConnectionCommand [20/Feb/2009:13:33:09 +0200] "RCPT -?TO:<alastair.bovim@strat
196.43.2.142 - OutboundConnectionCommand [20/Feb/2009:13:33:09 +0200] "RCPT -?TO:<jwest@jaluti.com> SMTP" 0 4
196.43.2.142 - OutboundConnectionResponse
83.8.185.185 - pjiye [20/Feb/2009:13:33:11 +0200] "RCPT -? TO: <pvbu@monitor-instruments.
83.8.185.185 - pjiye [20/Feb/2009:13:33:11 +0200] "RCPT -? TO: <sales@monitor-instruments
83.8.185.185 - pjiye [20/Feb/2009:13:33:11 +0200] "RCPT -? TO: <andren@monitor-instrument
209.85.218.164 - mail-bw0-f164.google.com [20/Feb/2009:13:33:13 +0200] "QUIT -?mail-bw0-f164.google.com
83.8.185.185 - pjiye [20/Feb/2009:13:33:16 +0200] "RCPT -? TO: <cgvirm@monitor-instrument
115.73.232.232 - adsl.viettel.vn [20/Feb/2009:13:33:39 +0200] "EHLO -? adsl.viettel.vn SMTP" 250 316
115.73.232.232 - adsl.viettel.vn [20/Feb/2009:13:33:40 +0200] "MAIL -? FROM: <loiren2@vladvisors.com> SMTP" 250 47
83.8.185.185 - pjiye [20/Feb/2009:13:33:44 +0200] "QUIT -?pjiye SMTP" 240 46
115.73.232.232 - adsl.viettel.vn [20/Feb/2009:13:33:45 +0200] "RCPT -? TO: <svenh@monitor-samson.co.z
189.104.169.107 - ywmmc [20/Feb/2009:13:33:47 +0200] "EHLO -? ywmmc SMTP" 250 317
189.104.169.107 - ywmmc [20/Feb/2009:13:33:48 +0200] "MAIL -? FROM: <jamila_kristian_dx@pacifi
115.73.232.232 - adsl.viettel.vn [20/Feb/2009:13:33:50 +0200] "RCPT -? TO: <michelleh@monitor-instrum
189.104.169.107 - ywmmc [20/Feb/2009:13:33:53 +0200] "RCPT -? TO: <michelleh@monitor-instrum
189.104.169.107 - ywmmc [20/Feb/2009:13:33:53 +0200] "QUIT -?ywmmc SMTP" 240 0
115.73.232.232 - adsl.viettel.vn [20/Feb/2009:13:33:55 +0200] "RCPT -? TO: <rfy@monitor-instruments.c
115.73.232.232 - adsl.viettel.vn [20/Feb/2009:13:33:55 +0200] "DATA - SMTP" 503 0
115.73.232.232 - adsl.viettel.vn [20/Feb/2009:13:34:00 +0200] "QUIT -?adsl.viettel.vn SMTP" 240 30
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:34:50 +0200] "EHLO -? [190.98.27.141] SMTP" 250 315
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:34:51 +0200] "MAIL -? FROM:<linsuhwmet@suhw.de> SMTP" 250 43
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:34:56 +0200] "RCPT -? TO: <pierre@monitor-samson.co.
190.98.27.141 - [190.98.27.141] [20/Feb/2009:13:34:56 +0200] "DATA - SMTP" 503 0
If you are not able to connect to their MX... How will you mail them ?? Man i am telling you .. they have blocked you...
you are able to connect to microsoft.. so you will be able to send emails to them... for sure...
but gmail--> no connection--> no banner -> so that means thy blocked you
also...i did a black list query and found RBL : BLARSBL HAS BLOCKED You too...
-x
you are able to connect to microsoft.. so you will be able to send emails to them... for sure...
but gmail--> no connection--> no banner -> so that means thy blocked you
also...i did a black list query and found RBL : BLARSBL HAS BLOCKED You too...
-x
the NCSA LOG Shows:
83.8.185.185 - pjiye [20/Feb/2009:13:33:11 +0200] "RCPT -? TO: <andren@monitor-instrument s.co.za> SMTP" 250 0
209.85.218.164 - mail-bw0-f164.google.com [20/Feb/2009:13:33:13 +0200] "QUIT -?mail-bw0-f164.google.com SMTP" 240 71
-> after RCPT TO Command.... gmail quits the connection...
83.8.185.185 - pjiye [20/Feb/2009:13:33:11 +0200] "RCPT -? TO: <andren@monitor-instrument
209.85.218.164 - mail-bw0-f164.google.com [20/Feb/2009:13:33:13 +0200] "QUIT -?mail-bw0-f164.google.com
-> after RCPT TO Command.... gmail quits the connection...
ASKER
I note what you say, but have done some further reading and enquiry about this. It seems that because i'm on a dynamic dns, DSL, it will list the range as blcoked, i.e. 165.145.0.0, so if i disconnect and reconnect then i get another IP, though still in that range, as long as i use my ISP's smtp I should be fine. This I'm doing. "The PBL is simply a list of ALL of the world's end-user broadband IP space, i.e: IP space normally assigned to broadband/ADSL customers. It is perfectly normal for dynamic IP addresses (DSL, DHCP, cable, dialup) to be listed on the PBL. In fact all IP addresses in the world which are not designated mail server machines *should be* on the PBL." quoted from spamhaus.
after RCPT TO: it should give ok
and then you should be able to type data etc etc... but gmail Quits ur connection directly....
You are Blacklisted Big time :
go to http://www.mxtoolbox.com/blacklists.aspx and put in your connecting IP : 165.145.120.1
it will give you all the RBLs who black listed you ...
like :
Blacklist Name Status Reason TTL Response Time (ms)
NOMOREFUNN LISTED telkomadsl.co.za. Dynamic IP or generic rDNS. Use your ISPs mail service, or whitelist at: Detail 1156334532
Return codes were: 127.0.0.3 1768 31
SORBS-BLOCK LISTED Dynamic IP Addresses See: Detail
Return codes were: 127.0.0.10 3269 16
SORBS-DUHL LISTED Dynamic IP Addresses See: Detail
Return codes were: 127.0.0.10 3269 31
SORBS-HTTP LISTED Dynamic IP Addresses See: Detail
Return codes were: 127.0.0.10 3269 31
SORBS-MISC LISTED Dynamic IP Addresses See: Detail
Return codes were: 127.0.0.10 3269 31
SORBS-SMTP LISTED Dynamic IP Addresses See: Detail
Return codes were: 127.0.0.10 3269 31
SORBS-SOCKS LISTED Dynamic IP Addresses See: Detail
Return codes were: 127.0.0.10 3269 31
SORBS-SPAM LISTED Dynamic IP Addresses See: Detail
Return codes were: 127.0.0.10 3269 31
SORBS-WEB LISTED Dynamic IP Addresses See: Detail
Return codes were: 127.0.0.10 3269 31
SORBS-ZOMBIE LISTED Dynamic IP Addresses See: Detail
Return codes were: 127.0.0.10 3269 31
Spamhaus-ZEN LISTED Detail
Return codes were: 127.0.0.11 1469 766
You have configured all the spam filters so you are good to go.. just get your self white listed and evethng will be fine...
YEA THE BEST SAY as is said is change your connecting Ip....
other option is : contact them and get yourself white listed...
No other option for you buddy
-x
other option is : contact them and get yourself white listed...
No other option for you buddy
-x
ASKER
Getting another IP is a problem, I'm DSL and cannot get my own IP, so I'm stuck with dynamic IP. By the looks on the SORBS site, it the whole range thats blocked??? 165.145.0.0 If I log into the webmail for exchange and send to gmail it gets delivered, does the webmail use a differnent route than normal exchange?
ASKER
If i run the tests avaialbe on MXToolBox i get Reverse DNS FAILED, could this be a problem?
Yes as i said.. you should have a PTR record of what ever connecting Ip you got at your ISP ..
That can cause issues for sending mails for ATT, COMPCAST, AOL etc.. cos thy require PTR...
you need to take care of both... Black list and PTR
That can cause issues for sending mails for ATT, COMPCAST, AOL etc.. cos thy require PTR...
you need to take care of both... Black list and PTR
Since changing Ip is difficult for you.. you got only 1 option left :
yOu need to contact each RBL and they will tell you whats the procedure of whitelist..
Just tell them that you have enabled all the spam filters and its not more spamming out...
They will definitely help you...........
-X
ASKER
where do i setup the ptr record, keeping in mind my ip from my isp is dynamic.
you need to create a ptr record on your ISP dns. and it shoud be for Your connecting IP.. which your server uses to send mails out...
ASKER
me again, i'm not making life easier for you...
I have contacted the SORBS guys and they tell me that because I'm on a dynamic dns, those ip's will allways be listed and i should use my isp's mail settings. good.
Now i'm testing the queuee's for specific domain not being able to send the mails to.
If I try telnet to one of the domains, mailgate1.samson.ag i get no banner, i type ehlo or helo i get permission denied. What does this mean? This is one of the domains i'm tring to send to.
I have contacted the SORBS guys and they tell me that because I'm on a dynamic dns, those ip's will allways be listed and i should use my isp's mail settings. good.
Now i'm testing the queuee's for specific domain not being able to send the mails to.
If I try telnet to one of the domains, mailgate1.samson.ag i get no banner, i type ehlo or helo i get permission denied. What does this mean? This is one of the domains i'm tring to send to.
Dynamic dns? Please tell me about it.. how is it configured at your end...
try ehlo abc.com
ASKER
in brief:
I have a sbs2003 server running exchange. This sits behind a linux firewall on a dsl connection. I make use of dyndns.org to get my email on the exchange server, as each time i connect to my isp i get a new ip address. to send my mail i use smtp.saix.net, which is also my isp.
it seems that they might need authenitication.. the mailgate1.samson.ag guys.
I have a sbs2003 server running exchange. This sits behind a linux firewall on a dsl connection. I make use of dyndns.org to get my email on the exchange server, as each time i connect to my isp i get a new ip address. to send my mail i use smtp.saix.net, which is also my isp.
it seems that they might need authenitication.. the mailgate1.samson.ag guys.
ASKER
I have used a network monitoring tool and get the below errors:
220 ctb-mesg8.saix.net ESMTP Postfix
EHLO monitor.samsonsa.local
250-ctb-mesg8.saix.net
250-PIPELINING
250-SIZE 102400000
250-ETRN
250 8BITMIME
MAIL FROM:<JochenG@monitor-sams on.co.za> SIZE=8503
250 Ok
RCPT TO:<west.jacques@gmail.com >
250 Ok
421 ctb-mesg8.saix.net Error: timeout exceeded
It's alsmost as my server is not responding when getting the OK???
220 ctb-mesg8.saix.net ESMTP Postfix
EHLO monitor.samsonsa.local
250-ctb-mesg8.saix.net
250-PIPELINING
250-SIZE 102400000
250-ETRN
250 8BITMIME
MAIL FROM:<JochenG@monitor-sams
250 Ok
RCPT TO:<west.jacques@gmail.com
250 Ok
421 ctb-mesg8.saix.net Error: timeout exceeded
It's alsmost as my server is not responding when getting the OK???
the above telnet thing.. where did u take this...
is this for receivng emails from internet or going out?
The above track is incomplete.. please paste all that you get through it...
is this for receivng emails from internet or going out?
The above track is incomplete.. please paste all that you get through it...
ASKER
HI X-sam,
Sorry for my delayed repsonse but I'm trying one or two other things! Will keep you posted.
Sorry for my delayed repsonse but I'm trying one or two other things! Will keep you posted.
no problem
ASKER
HI x-sam,
I have acutally found the problem.
I use Viper from Sunbelt Software as my AV and Ninja as my AS, and have found that by doing a test telnet messages, that do eventually come through, have an item in the header that indicate Vipre thinks the message is spoofed. So I un-installed and re-installed Viper and it seems to be sprted by now. This was noted by a collegued of mine. I will keep a close eye on it but this seemed to have solved the problem. Thanks for your assistance!
I have acutally found the problem.
I use Viper from Sunbelt Software as my AV and Ninja as my AS, and have found that by doing a test telnet messages, that do eventually come through, have an item in the header that indicate Vipre thinks the message is spoofed. So I un-installed and re-installed Viper and it seems to be sprted by now. This was noted by a collegued of mine. I will keep a close eye on it but this seemed to have solved the problem. Thanks for your assistance!
Any ways.. you were blacklisted... what did you do about that.. did you contacted them??
ASKER
yes, they said that all dsl type connections will allways be blacklisted (which i found strange) as long as i use my isp as an smtp connection i should be fine. interesting...
hmmm Yea.. interesting... if you are having a dynamic ip then there is a point.. but dsl..... hmm...
anyways.. check it again .. now that its working...
go to http://www.mxtoolbox.com/blacklists.aspx and put in your connecting IP : 165.145.120.1
what does it give now?
-x
anyways.. check it again .. now that its working...
go to http://www.mxtoolbox.com/blacklists.aspx and put in your connecting IP : 165.145.120.1
what does it give now?
-x
ASKER
blacklisted...165.145.145. 138
now which is that IP? i believe your connecting ip is 165.145.120.1 ?
ASKER
new ip assigned from ISP
Ohh ok.. anyways Issue is fixed so thats Great !!! Njoy ;-)
-=@x-sAm@=-
-=@x-sAm@=-
Some questions for you:
1) is this for all the external domains or certain domains you are not able to send mails out?
2) Do you have a smart host configured on the Default smtp virtual server or the smtp connector?
3) You said you get the MX fine.. try to do telnet to the mx / ip of any of the domain and let me know what banner do you get...
4) go to properties of your default smtp virtual server--. general tab--> at the bottom enable logging--> chick the drop down and select NCSA Logging...
5) restart the smtp service
Let me know the results...
Dont worry man.. we wil fix this....
-x