Solved

Not able to receive email from certain domains.

Posted on 2004-09-21
21
1,097 Views
Last Modified: 2008-03-10
I'm running Exchange 2000, with all the latest patches.

I can send out all mail correctly, however there are a few domains that can't send me mail.  Is this my problem? or the senders?

I'm posting my domain for anyone's help..

Is there any benefits or drawbacks in having RDNS enabled?  

FQDN: jrmail1.jeffersonregional.com

Thanks  Jason
0
Comment
Question by:jason15025
  • 9
  • 8
  • 4
21 Comments
 
LVL 15

Expert Comment

by:scampgb
ID: 12115343
Hi jason15025,

Thanks for posting the domain - that helps :-)

Take a look at www.dnsreport.com and see what it says about your domain - http://www.dnsreport.com/tools/dnsreport.ch?domain=jeffersonregional.com

Nothing particularly worrying.  It would be worth making sure that the DNS name matches the name that Exchange is reporting.
It looks like the MX for your domain is 10 MAIL.jeffersonregional.com. IP=141.158.86.173]

Your "PTR" record (reverse DNS) returns jrmail1.jeffersonregional.com.
I suggest that you change that to "mail.jeffersonregional.com." - or change the MX record to match :-)

You could do to change your SMTP greeting on Exchange to match your DNS entry.  Info on that at : http://www.experts-exchange.com/Networking/Email_Groupware/Exchange_Server/Q_21130164.html

Also, your domain doesn't seem to be accepting mail for "postmaster".  That could do to be fixed.

Anyway, that doesn't really answer your question :-)

We'll need to know why the sender(s) can't send you emails.  They'll be getting an NDR back, can you get hold of a copy of one of these and post it?
0
 
LVL 104

Accepted Solution

by:
Sembee earned 250 total points
ID: 12115361
Everything looks ok...

http://www.dnsreport.com/tools/dnsreport.ch?domain=jeffersonregional.com

The one thing I would probably change is what your server announces to the world.

You currently tell the world you are mail.jeffersonregional.com but announces as "jrmail1.jeffersonregional.com". To get Exchange to announce the new name...

ESM, Admin Groups, <your admin group>, Servers, <your server>, Protocols, SMTP. Right click on Default SMTP virtual server and choose Properties. Click on the last tab Delivery and then click on the Advanced button. In the middle box FQDN, enter "mail.jeffersonregional.com" (minus quotes). Apply/OK out.

Otherwise need to see the NDR generated at the other end.

Simon.

0
 
LVL 15

Expert Comment

by:scampgb
ID: 12115730
Sembee: I must be getting the hang of this to be giving similar answers to you :-)
0
 

Author Comment

by:jason15025
ID: 12115767
Ok Guys...

I changed what my Exchange system announces to the world to mail.jeffersonregional.com

I'm still trying to get ahold of the NDR that they are receiving.

Any comments on the RDNS situation?

0
 
LVL 104

Expert Comment

by:Sembee
ID: 12115936
Jason - I set RDNS on all installations that I do now. More and more ISPs are using it as a line of defense for spam and viruses that it makes sense not to. I don't see any drawbacks - it is just polite and good practise.

Scampgb - With a problem like this we both thought along the same lines. With the valid domain name a dnsreport was the obvious thing to do first, followed by the request for the NDR - we just worded it differently - but it should give Jason some idea that we are on the same track.

Simon.
0
 
LVL 15

Expert Comment

by:scampgb
ID: 12115941
> Any comments on the RDNS situation?

Not quite sure what you mean here.  You already have a Reverse DNS entry, although I think it would be worth changing to match your MX - just for neatness :)

Or are you talking about doing something with Reverse DNS Delegation (http://www.ripe.net/reverse/rdns-project/) ?

I personally don't see the need unless you're going to be changing Internet-facing IPs & hostnames on a regular basis.  I generally use aliases anyway - mail.mydomain.com -> 1.2.3.4
This means that I can change what server happens to be 1.2.3.4 whenever I like :-)

I could well be missing something here....
0
 

Author Comment

by:jason15025
ID: 12116255
As for the RDNS stuff, I've read a few articles stating that this might be causing my problems?  I don't think it is?  I just wanted a few suggestions.  It appears that the mail is working correctly after I made the change.  I'm going to try to get ahold of the admins at the domains that I'm having trouble with.  If they don't have a RDNS entry, could this be a possible issue.

I know this is alot of questions.  I'll award you guys points once my little dilemma is resolved.

Thanks
0
 

Author Comment

by:jason15025
ID: 12133653
OK Guys..  I verified that I do not have RDNS enabled on my Incomming Emails.

I continue to receive more and more clients that say that they can't send us email?  

However, I am still getting mail from a ton of other sites?  

Am I missing something?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 12135390
Really need the text of the NDR that the other is getting. Lack of RDNS shouldn't cause you not to receive email.

Simon.
0
 

Author Comment

by:jason15025
ID: 12135499
The error from the user that can't send me mail reads....

Could not deliver the message in the time limit specified.  Please retry or contact your administrator.

<FIRST.LAST@DOMAIN.COM #4.4.7>
0
The problems with reply email signatures

Do you wish that you could place an email signature under a reply? Well, unfortunately, you can't. That great Exchange/Office 365 signature you've created will just appear at the bottom of an email chain. What a pain! Is there really no way to solve this? Well, there might be...

 
LVL 15

Expert Comment

by:scampgb
ID: 12135523
jason15025,
Is that the complete NDR message, or just the bit they wanted to send you?
It's not clear which server is returning that - or exactly why.

It's a little odd about the time-limit bit.



0
 

Author Comment

by:jason15025
ID: 12136045
Your message

  To:      jason.ohern@jeffersonregional.com
  Subject: test
  Sent:    Tue, 21 Sep 2004 13:14:33 -0400

did not reach the following recipient(s):

jason.ohern@jeffersonregional.com on Thu, 23 Sep 2004 13:26:16 -0400
    Could not deliver the message in the time limit specified.  Please
retry or contact your administrator.
    <exchange.edataserv.com #4.4.7>

It appears that they don't have PTR records?  Is this their problem?
0
 
LVL 15

Assisted Solution

by:scampgb
scampgb earned 250 total points
ID: 12136125
jason15025,
> It appears that they don't have PTR records?  Is this their problem?

The fact that they don't have a PTR record is unlikely to be the problem, unless your server is configured to reject emails that don't have a valid PTR.
In that case, they wouldn't get a message like the above anyway.

Doing the test http://www.dnsreport.com/tools/mail.ch?domain=jason.ohern@jeffersonregional.com reveals:
   MAIL.jeffersonregional.com. - 141.158.86.173  [Successful connect: Got a good response [250 2.1.5 jason.ohern@jeffersonregional.com ]]


So, it looks like most machines can contact your mail server and send you emails with no problem.  Some people are having difficulty though.

The NDR above was generated by exchange.edataserv.com - I suggest that you contact the sysadmins that look after this server and explain what's going on.
They'll then be able to investigate it.

It present it does sound like something at the sender-end though.

0
 

Author Comment

by:jason15025
ID: 12136366
Thanks Guys...

I've split the points!!  

I think that its not my problem...  I finally feel better..
0
 
LVL 15

Expert Comment

by:scampgb
ID: 12136383
Hi jason15025,

Thanks for the "A".  Glad I could help, and that you're not worrying anymore! :-)

0
 

Author Comment

by:jason15025
ID: 12143557
Maybe not over yet!!

Here is the SMTP LOG INFO when this domain tries to connect?

12:18:18 64.140.86.79 MAIL - 0
12:18:18 64.140.86.79 - - 0
12:18:18 64.140.86.79 RCPT - 0
12:18:18 64.140.86.79 - - 0
12:18:18 64.140.86.79 BDAT - 0
12:18:18 64.140.86.79 - - 0
12:18:18 64.140.86.79 QUIT - 0
12:18:18 64.140.86.79 - - 0

Whats up with this??  I'm really lost.  It appears now he can connect, but no traffic?

PLEASE I'M going nuts
0
 
LVL 15

Expert Comment

by:scampgb
ID: 12145251
jason15025,
Is that the full log?

Sorry, I'm a bit stumped here.  Sembee! :)


0
 
LVL 104

Expert Comment

by:Sembee
ID: 12145318
That is probably the default logging level.
Was that a log of you trying to send email to someone, or someone trying to send email to you?

Simon.
0
 

Author Comment

by:jason15025
ID: 12145326
It's just the section of my SMTP log where he is trying to connect.  All the other domains log normal.
Here is a bigger section of the log.  As you can see the other domains are fine.  Just this certain one.  

12:17:38 64.140.86.79 - - 0
12:17:38 64.140.86.79 EHLO - 0
12:17:38 64.140.86.79 - - 0
12:17:39 64.140.86.79 MAIL - 0
12:17:39 64.140.86.79 - - 0
12:17:39 64.140.86.79 QUIT - 0
12:17:39 64.140.86.79 - - 0
12:17:43 206.71.58.23 HELO - 250
12:17:43 206.71.58.23 MAIL - 250
12:17:43 206.71.58.23 RCPT - 250
12:17:43 206.71.58.23 DATA - 250
12:17:43 206.71.58.23 MAIL - 250
12:17:43 206.71.58.23 RCPT - 250
12:17:43 206.71.58.23 DATA - 250
12:17:48 206.71.58.23 QUIT - 240
12:18:17 64.140.86.79 - - 0
12:18:17 64.140.86.79 EHLO - 0
12:18:17 64.140.86.79 - - 0
12:18:17 216.52.118.222 EHLO - 250
12:18:17 216.52.118.222 MAIL - 250
12:18:17 216.52.118.222 RCPT - 250
12:18:17 216.52.118.222 DATA - 250
12:18:17 216.52.118.222 QUIT - 240
12:18:18 64.140.86.79 MAIL - 0
12:18:18 64.140.86.79 - - 0
12:18:18 64.140.86.79 RCPT - 0
12:18:18 64.140.86.79 - - 0
12:18:18 64.140.86.79 BDAT - 0
12:18:18 64.140.86.79 - - 0
12:18:18 64.140.86.79 QUIT - 0
12:18:18 64.140.86.79 - - 0
0
 

Author Comment

by:jason15025
ID: 12261282
Just thought You might want to know!!

Found the problem!

Our Help Desk guy filtering some domains by their domain name, we found out that Exchange 2000 WILL FORCE REVERSE DNS LOOKUP ON ALL (!!!) CONNECTION ATTEMPS!!! Exchange has to do that in order to be able to filter the domains I entered as Spammers. Domains that don’t have a reverse DNS set up –will be rejected as well –as Exchange can’t verify that they are not on my black list. –All that, while we left the check box “Force reverse DNS lookup” unchecked.  

Interesting because in basic reading about this no where does it say that blocking by domain forces Exchange to start doing reverse DNS on all connections.
0
 
LVL 15

Expert Comment

by:scampgb
ID: 12261408
*grin*  That would make a lot of sense :-)

There's an increasing number of problems with people not having PTR records set correctly - but bit-by-bit people are sorting it.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video discusses moving either the default database or any database to a new volume.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now