Solved

Exchange 5.5 Sp4 immediate NDR for specific domains

Posted on 2003-10-28
9
860 Views
Last Modified: 2010-03-05
When users attempt to send email to anyone at earthlink.net our Exchange server immediately reply’s to the in-house user with a System Administrator report with the following info.  It seems to reply so quickly that it doesn’t even have a chance to hit the earthlink mail server.

Could the reply happen this quickly if our company domain is on a black hole list for earthlink?  The reason I ask is because a year ago we had an open relay for about a week but like I said that was a year ago.
_____________________________________________________________________

 Your message did not reach some or all of the intended recipients.

      Subject:      FW: Email test to Desiree
      Sent:      10/28/2003 8:21 AM

The following recipient(s) could not be reached:

      'xxxxxxxx@earthlink.net' on 10/28/2003 8:21 AM
            Unable to deliver the message due to a communications failure
      The MTS-ID of the original message is: c=US;a= ;p=xxxxxxxxxxxx;l=MAIL_SERVER-031028162101Z-75
0
Comment
Question by:johnm07
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 
LVL 8

Accepted Solution

by:
JasonBigham earned 250 total points
ID: 9635493
Can you do a DNS lookup and return MX records for earthlink?  

If so, then (from the mail server) please click start, run, and type telnet earthlinkmxrecord 25

0
 

Author Comment

by:johnm07
ID: 9635868
Jason,

I havent done this in awhile but I thinik I did it right.

After getting the IPs for the earthlink mail servers I tried a tracert to MX01.earthlink.net and the IP was resolved to 207.217.120.29.  I then tried a tracert to 207.217.120.29 and it resolved MX01.earthlink.net.

From my exchange server I followed your instructions and telnetted to "mx01.earthlink.net 25"  and received the following:
220 penguin EL_3_9_10 /EL_3_9_10  ESMTP EarthLink SMTP Server Tue, 28 Oct 2003 1
0:34:36 -0800 (PST)

What do ya think?
____________________________________
H:\>nslookup
Default Server:  dns1.snfcca.sbcglobal.net
Address:  206.13.28.12

> set type=mx
> earthlink.net
Server:  dns1.snfcca.sbcglobal.net
Address:  206.13.28.12

Non-authoritative answer:
earthlink.net   MX preference = 5, mail exchanger = mx05.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx06.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx07.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx08.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx09.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx10.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx00.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx01.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx02.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx03.earthlink.net
earthlink.net   MX preference = 5, mail exchanger = mx04.earthlink.net

earthlink.net   nameserver = ns3.earthlink.net
earthlink.net   nameserver = ns1.earthlink.net
earthlink.net   nameserver = ns2.earthlink.net
mx05.earthlink.net      internet address = 207.217.120.31
mx06.earthlink.net      internet address = 207.217.120.23
mx07.earthlink.net      internet address = 207.217.120.132
mx08.earthlink.net      internet address = 207.217.120.201
mx09.earthlink.net      internet address = 207.217.120.216
mx10.earthlink.net      internet address = 207.217.120.241
mx00.earthlink.net      internet address = 207.217.120.28
mx01.earthlink.net      internet address = 207.217.120.29
mx02.earthlink.net      internet address = 207.217.120.79
mx03.earthlink.net      internet address = 207.217.120.78
mx04.earthlink.net      internet address = 207.217.120.249
ns3.earthlink.net       internet address = 207.217.120.43
0
 
LVL 8

Expert Comment

by:JasonBigham
ID: 9635889
Let's finish the telnet process to see if there is more info. That's just the greeting.

i.e.

http://www.yuki-onna.co.uk/email/smtp.html
http://www.mvps.org/exchange/smtp_frames.htm

0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:johnm07
ID: 9636075
Jason,

Sweet, that’s the answer I have been looking for. I had called earthlink probably 10 times or more and was never able to get a response as to why their users couldn’t accept email from our domain. I even asked them to check their black hole list but now I at least know why.  Now I'll need to write asking to be removed from their open relay list but at least I have their mail servers telnet reply’s.   Nice work Jason!!!

This is the first time I have used Experts Exchange, what a great introduction and what a great resource.
____________________

220 penguin EL_3_9_10 /EL_3_9_10  ESMTP EarthLink SMTP Server Tue, 28 Oct 2003 1
0:55:38 -0800 (PST)
helo tartus.com
250 penguin Hello tartus.com [67.112.31.34], please to meet you
mail from tartus.com
550 Dynamic IPs/open relays blocked. Contact <openrelay@abuse.earthlink.net>.
_____________________
0
 
LVL 8

Expert Comment

by:JasonBigham
ID: 9636135
Glad to here... make sure you aren't an open relay as well... though it may have been an error on their part.
0
 
LVL 8

Expert Comment

by:JasonBigham
ID: 9636143
And welcome Experts Exchange... don't forget to accept an answer.
0
 

Author Comment

by:johnm07
ID: 9636223
Jason,

Quick followup question, does it matter which of your 4 replys I press accept on?

Thanks agin!
0
 
LVL 8

Expert Comment

by:JasonBigham
ID: 9636233
Try and accept the one you felt to be most helpful... this helps others to quickly locate the answer in the future.
0
 

Expert Comment

by:cridog
ID: 11225710
I am having the same problem.  Did you e-mail openrelay@abuse.earthlink.net?  If so what did you say to get removed and how long did it take?

Thanks,
Chris
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses
Course of the Month6 days, 20 hours left to enroll

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question