Solved

Random NDRs not so random

Posted on 2004-10-05
9
341 Views
Last Modified: 2008-03-10
We are receiving NDR notices on mail addressed to one domain at another company.  They are recieving mail from everybody but us....and they are the only domain that we cannot mail to...

The error message is:

The following recipient(s) could not be reached:

      somebody@somebody.com on 10/2/2004 8:31 AM
            You do not have permission to send to this recipient.  For assistance, contact your system administrator.
            <exchangeserver.mycompany.com #5.7.1 smtp;550 5.7.1 <somebody@somebody.com>... Relaying denied>

a google search on this error message turned up two articles in the  MS KB, on random NDRs.....283287 & 274638

Both mention several causes for NDRs, including bad MX records in DNS....not the case here, our DNS resolves internal addresses and is a redirector for to our ISP DNS for Internet addresses....the MX record points correctly to our single exchange 2000 server.

Beyond that, under Authentication on the Access tab of the default SMTP virtual server ( the only one we use) we had both anonymous access and Integrated Windows Access checked.  When I changed that to uncheck Integrated and leave only anonymous, a test mail to the addresses in question came back with a new NDR:

  anotherperson@somebody.com on 10/5/2004 12:09 PM
            The destination system is currently not accepting any messages.  Please retry at a later time.  If that fails, contact your system administrator.
            <exchangeserver.mycompany.com #5.3.0 smtp;554 5.3.0 rewrite: map site186_a not found>

Anybody got any ideas?


0
Comment
Question by:JConchie
  • 5
  • 4
9 Comments
 
LVL 8

Accepted Solution

by:
susanzeigler earned 500 total points
ID: 12231569
First and foremost, is there matching forward and reverse DNS for your mail server? Are they using any blacklists that perhaps your IP is listed in?

Another possible cause--is anything relating to their domain listed in your internal DNS?  I don't get that from the first error you posted, but the second one looks suspiciously lke your server is trying to deliver to a machine it can't find. That could be caused if there is something in your local DNS about that domain.

Additionally, do they see anything in their mail server log files that indicate your mail server is contacting theirs?  A quick test would be to telnet to their server on port 25 and try to send a message directly.

In a command window, type:
  telnet theirmailserver.theirdomain.com 25

When the telnet window opens and a ready prompt appears, type:
  helo mailserver.theirdomain.com

Their server should respond with an ok message. Then type:
  mail from: youremail@yourdomain.com

Their server should respond with and ok message. Now type:
  rcpt to:  somebody@somebody.com

Their server should respond with an ok message. Then type
  data

Their server should respond with and ok message. Now type:
  type a message and then hit return and type a single . on a line by itself
  .

Ideally, if it is not something on your exchange server, you will get a relay denied message somewhere in that process. The issue then exists at their end. If the message is queued for delivery, the issue could still be either on your end or on theirs:(




0
 
LVL 18

Author Comment

by:JConchie
ID: 12232410
Susan, thanks for your reply.

Have checked our DNS carefully both the MX record in our forward lookup and the corresponding pointer in the reverse lookup are fine.  We have no entries from any domain other than our single internal domain.

The other companies office is on the east coast and is closed, but I have emailed their IT ......in another domain :-)
....and have asked for the name of their mailserver...tomorrow, when I have that, will run the ftp check and get back to you.

Appreciate the help.
Jim
0
 
LVL 8

Expert Comment

by:susanzeigler
ID: 12233062
You can substitute the IP of their mailserver for the host name.

An easy way to get this information, simply go to the command prompt on any windows 2000 or XP machine and type
nslookup

then type:
set query=mx

and finally:
whatevertheirdomainnameis.com


This should give you the IP address and the name of the mail server that is accepting inbound mail. If you get more than one MX record, use the one with the lower number:)
0
 
LVL 18

Author Comment

by:JConchie
ID: 12240440
Susan,
got their ip following your instructions....also gave me the name of thier server...which appears to just be a virtual server hosted on an ISP.  Got back the ISP's mail server and IP address too.

At that point, I telneted in,
did the helo, got back a "pleased to met you" message,
did a "mail from" with my email address, and got back a "Sender OK"

Then did a "rcpt to:" to what are supposed to be two different  valid user addresses on their system...and got back:

554 5.3.0 rewrite: map site186_a not found

Fails there every time I try it.
0
Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

 
LVL 18

Author Comment

by:JConchie
ID: 12240463
When I talked to them last night , they told me that they are getting their email from a pop3 account with thier ISP....also said that the ISP tech had checked and had not seen any attempted messages from us other than some two weeks ago that were routed successfully.
0
 
LVL 8

Expert Comment

by:susanzeigler
ID: 12241308
Ok, the issue is definately on their ISPs end. When you are in the telnet session and have successfully connected to an email server, any errors or messages you get are being generated by that server. Either forward the error you got to them to send to their ISP or send it to their ISPs tech guys. Either you are being blocked by the ISP or something, but chances are very slim that it is on your end. If you want me to try a test to them as well, I'd just need the IP of the mail host.
0
 
LVL 18

Author Comment

by:JConchie
ID: 12241980
Susan,
will let you know about testing from your end...seems likely that you would get through since they say we are the only people they are not getting email from......and they are the only ones we are not reaching.... :-)

Will get back to you as soon as I hear from them.....

Will close and award points then too.

Thanks for your help.
0
 
LVL 8

Expert Comment

by:susanzeigler
ID: 12249035
Of course, just because they SAY they are getting email from everyone doesn't always mean it is true;) Have heard that one too many times :grin:

Hopefully they will figure out what isn't working right and get it fixed.

One thing I didn't ask you if you'd done was to have someone from the other company send you a message and see if the error is the same on a reply as on a direct send.

Good luck:)
0
 
LVL 18

Author Comment

by:JConchie
ID: 12277573
Thanks for your help Susan.
0

Featured Post

Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

Join & Write a Comment

Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
how to add IIS SMTP to handle application/Scanner relays into office 365.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now