Solved

Exchange 5.5 Sp4 immediate NDR for specific domains

Posted on 2003-10-28
9
857 Views
Last Modified: 2010-03-05
When users attempt to send email to anyone at earthlink.net our Exchange server immediately reply’s to the in-house user with a System Administrator report with the following info.  It seems to reply so quickly that it doesn’t even have a chance to hit the earthlink mail server.

Could the reply happen this quickly if our company domain is on a black hole list for earthlink?  The reason I ask is because a year ago we had an open relay for about a week but like I said that was a year ago.
_____________________________________________________________________

 Your message did not reach some or all of the intended recipients.

      Subject:      FW: Email test to Desiree
      Sent:      10/28/2003 8:21 AM

The following recipient(s) could not be reached:

      'xxxxxxxx@earthlink.net' on 10/28/2003 8:21 AM
            Unable to deliver the message due to a communications failure
      The MTS-ID of the original message is: c=US;a= ;p=xxxxxxxxxxxx;l=MAIL_SERVER-031028162101Z-75
0
Comment
Question by:johnm07
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 
LVL 8

Accepted Solution

by:
JasonBigham earned 250 total points
ID: 9635493
Can you do a DNS lookup and return MX records for earthlink?  

If so, then (from the mail server) please click start, run, and type telnet earthlinkmxrecord 25

0
 

Author Comment

by:johnm07
ID: 9635868
Jason,

I havent done this in awhile but I thinik I did it right.

After getting the IPs for the earthlink mail servers I tried a tracert to MX01.earthlink.net and the IP was resolved to 207.217.120.29.  I then tried a tracert to 207.217.120.29 and it resolved MX01.earthlink.net.

From my exchange server I followed your instructions and telnetted to "mx01.earthlink.net 25"  and received the following:
220 penguin EL_3_9_10 /EL_3_9_10  ESMTP EarthLink SMTP Server Tue, 28 Oct 2003 1
0:34:36 -0800 (PST)

What do ya think?
____________________________________
H:\>nslookup
Default Server:  dns1.snfcca.sbcglobal.net
Address:  206.13.28.12

> set type=mx
> earthlink.net
Server:  dns1.snfcca.sbcglobal.net
Address:  206.13.28.12

Non-authoritative answer:
earthlink.net   MX preference = 5, mail exchanger = mx05.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx06.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx07.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx08.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx09.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx10.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx00.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx01.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx02.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx03.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx04.earthlink.net

earthlink.net   nameserver = ns3.earthlink.net
earthlink.net   nameserver = ns1.earthlink.net
earthlink.net   nameserver = ns2.earthlink.net
mx05.earthlink.net      internet address = 207.217.120.31
mx06.earthlink.net      internet address = 207.217.120.23
mx07.earthlink.net      internet address = 207.217.120.132
mx08.earthlink.net      internet address = 207.217.120.201
mx09.earthlink.net      internet address = 207.217.120.216
mx10.earthlink.net      internet address = 207.217.120.241
mx00.earthlink.net      internet address = 207.217.120.28
mx01.earthlink.net      internet address = 207.217.120.29
mx02.earthlink.net      internet address = 207.217.120.79
mx03.earthlink.net      internet address = 207.217.120.78
mx04.earthlink.net      internet address = 207.217.120.249
ns3.earthlink.net       internet address = 207.217.120.43
0
 
LVL 8

Expert Comment

by:JasonBigham
ID: 9635889
Let's finish the telnet process to see if there is more info. That's just the greeting.

i.e.

http://www.yuki-onna.co.uk/email/smtp.html
http://www.mvps.org/exchange/smtp_frames.htm

0
Comparison of Amazon Drive, Google Drive, OneDrive

What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!

 

Author Comment

by:johnm07
ID: 9636075
Jason,

Sweet, that’s the answer I have been looking for. I had called earthlink probably 10 times or more and was never able to get a response as to why their users couldn’t accept email from our domain. I even asked them to check their black hole list but now I at least know why.  Now I'll need to write asking to be removed from their open relay list but at least I have their mail servers telnet reply’s.   Nice work Jason!!!

This is the first time I have used Experts Exchange, what a great introduction and what a great resource.
____________________

220 penguin EL_3_9_10 /EL_3_9_10  ESMTP EarthLink SMTP Server Tue, 28 Oct 2003 1
0:55:38 -0800 (PST)
helo tartus.com
250 penguin Hello tartus.com [67.112.31.34], please to meet you
mail from tartus.com
550 Dynamic IPs/open relays blocked. Contact <openrelay@abuse.earthlink.net>.
_____________________
0
 
LVL 8

Expert Comment

by:JasonBigham
ID: 9636135
Glad to here... make sure you aren't an open relay as well... though it may have been an error on their part.
0
 
LVL 8

Expert Comment

by:JasonBigham
ID: 9636143
And welcome Experts Exchange... don't forget to accept an answer.
0
 

Author Comment

by:johnm07
ID: 9636223
Jason,

Quick followup question, does it matter which of your 4 replys I press accept on?

Thanks agin!
0
 
LVL 8

Expert Comment

by:JasonBigham
ID: 9636233
Try and accept the one you felt to be most helpful... this helps others to quickly locate the answer in the future.
0
 

Expert Comment

by:cridog
ID: 11225710
I am having the same problem.  Did you e-mail openrelay@abuse.earthlink.net?  If so what did you say to get removed and how long did it take?

Thanks,
Chris
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
how to add IIS SMTP to handle application/Scanner relays into office 365.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question