Random NDRs not so random

We are receiving NDR notices on mail addressed to one domain at another company.  They are recieving mail from everybody but us....and they are the only domain that we cannot mail to...

The error message is:

The following recipient(s) could not be reached:

      somebody@somebody.com on 10/2/2004 8:31 AM
            You do not have permission to send to this recipient.  For assistance, contact your system administrator.
            <exchangeserver.mycompany.com #5.7.1 smtp;550 5.7.1 <somebody@somebody.com>... Relaying denied>

a google search on this error message turned up two articles in the  MS KB, on random NDRs.....283287 & 274638

Both mention several causes for NDRs, including bad MX records in DNS....not the case here, our DNS resolves internal addresses and is a redirector for to our ISP DNS for Internet addresses....the MX record points correctly to our single exchange 2000 server.

Beyond that, under Authentication on the Access tab of the default SMTP virtual server ( the only one we use) we had both anonymous access and Integrated Windows Access checked.  When I changed that to uncheck Integrated and leave only anonymous, a test mail to the addresses in question came back with a new NDR:

  anotherperson@somebody.com on 10/5/2004 12:09 PM
            The destination system is currently not accepting any messages.  Please retry at a later time.  If that fails, contact your system administrator.
            <exchangeserver.mycompany.com #5.3.0 smtp;554 5.3.0 rewrite: map site186_a not found>

Anybody got any ideas?

LVL 18
Who is Participating?
First and foremost, is there matching forward and reverse DNS for your mail server? Are they using any blacklists that perhaps your IP is listed in?

Another possible cause--is anything relating to their domain listed in your internal DNS?  I don't get that from the first error you posted, but the second one looks suspiciously lke your server is trying to deliver to a machine it can't find. That could be caused if there is something in your local DNS about that domain.

Additionally, do they see anything in their mail server log files that indicate your mail server is contacting theirs?  A quick test would be to telnet to their server on port 25 and try to send a message directly.

In a command window, type:
  telnet theirmailserver.theirdomain.com 25

When the telnet window opens and a ready prompt appears, type:
  helo mailserver.theirdomain.com

Their server should respond with an ok message. Then type:
  mail from: youremail@yourdomain.com

Their server should respond with and ok message. Now type:
  rcpt to:  somebody@somebody.com

Their server should respond with an ok message. Then type

Their server should respond with and ok message. Now type:
  type a message and then hit return and type a single . on a line by itself

Ideally, if it is not something on your exchange server, you will get a relay denied message somewhere in that process. The issue then exists at their end. If the message is queued for delivery, the issue could still be either on your end or on theirs:(

JConchieAuthor Commented:
Susan, thanks for your reply.

Have checked our DNS carefully both the MX record in our forward lookup and the corresponding pointer in the reverse lookup are fine.  We have no entries from any domain other than our single internal domain.

The other companies office is on the east coast and is closed, but I have emailed their IT ......in another domain :-)
....and have asked for the name of their mailserver...tomorrow, when I have that, will run the ftp check and get back to you.

Appreciate the help.
You can substitute the IP of their mailserver for the host name.

An easy way to get this information, simply go to the command prompt on any windows 2000 or XP machine and type

then type:
set query=mx

and finally:

This should give you the IP address and the name of the mail server that is accepting inbound mail. If you get more than one MX record, use the one with the lower number:)
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

JConchieAuthor Commented:
got their ip following your instructions....also gave me the name of thier server...which appears to just be a virtual server hosted on an ISP.  Got back the ISP's mail server and IP address too.

At that point, I telneted in,
did the helo, got back a "pleased to met you" message,
did a "mail from" with my email address, and got back a "Sender OK"

Then did a "rcpt to:" to what are supposed to be two different  valid user addresses on their system...and got back:

554 5.3.0 rewrite: map site186_a not found

Fails there every time I try it.
JConchieAuthor Commented:
When I talked to them last night , they told me that they are getting their email from a pop3 account with thier ISP....also said that the ISP tech had checked and had not seen any attempted messages from us other than some two weeks ago that were routed successfully.
Ok, the issue is definately on their ISPs end. When you are in the telnet session and have successfully connected to an email server, any errors or messages you get are being generated by that server. Either forward the error you got to them to send to their ISP or send it to their ISPs tech guys. Either you are being blocked by the ISP or something, but chances are very slim that it is on your end. If you want me to try a test to them as well, I'd just need the IP of the mail host.
JConchieAuthor Commented:
will let you know about testing from your end...seems likely that you would get through since they say we are the only people they are not getting email from......and they are the only ones we are not reaching.... :-)

Will get back to you as soon as I hear from them.....

Will close and award points then too.

Thanks for your help.
Of course, just because they SAY they are getting email from everyone doesn't always mean it is true;) Have heard that one too many times :grin:

Hopefully they will figure out what isn't working right and get it fixed.

One thing I didn't ask you if you'd done was to have someone from the other company send you a message and see if the error is the same on a reply as on a direct send.

Good luck:)
JConchieAuthor Commented:
Thanks for your help Susan.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.