MWhiteside

Exchange 2000 - Email bounces back for certain Domain

I cannot send email to a certain domain "stmarysschool.org".  My domain is musowls.org and my MX Record is mail.musowls.org and my PTR is mail.musowls.org.  We've been having this problem for a while.  Time Warner is our ISP and they told us to Relay all our Email through their mail server mail.chrl.twtelecom.net.  So I went into Exchange System Manager under Servers under Protocols under SMTP and right-clicked SMTP Default Virtual Server and selected properties.  Went to Delivery tab and then Advanced button and then put in mail.chrl.twtelecom.net as a Smart Host.  I also made a new SMTP Connector and called it Problematic Domains and for its properties I selected Forward all mail through this connector to the following smart hosts and typed in mail.chrl.twtelecom.net, added my bridgehead server then went to the Address Space Tab and added an SMTP domain *.stmarysschool.org then I clicked Allow messages to be relayed to this domain.  I'm not sure what else could be done.  Also if you telnet to port 25 on our mail.musowls.org it gives a weird greeting with asterisks in the greeting.

Here's the NDR I get when it bounces back to me.

---------------------------------------------
The following recipient(s) could not be reached:

      mCENSORED@stmarysschool.org on 11/5/2004 10:58 AM
            The e-mail system was unable to deliver the message, but did not report a specific reason.  Check the address and try again.  If it still fails, contact your system administrator.
            < barracuda.stmarysschool.org #5.0.0 X-Spam-Firewall; host 172.16.0.2[172.16.0.2] said: 553 Bad    parameters to MAIL command. (in reply to MAIL FROM command)>
----------------------------------------------

A more detailed analysis is the internet header of the email

----------------------------------------------
Microsoft Mail Internet Headers Version 2.0
Received: from barracuda.stmarysschool.org ([66.192.137.236]) by mail.musowls.org with Microsoft SMTPSVC(5.0.2195.6713);
       Fri, 5 Nov 2004 10:57:13 -0600
Received: by barracuda.stmarysschool.org (Spam Firewall)
      id 818214C00094; Fri,  5 Nov 2004 10:58:04 -0600 (CST)
Date: Fri,  5 Nov 2004 10:58:04 -0600 (CST)
From: MAILER-DAEMON (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
To: ME@MUSOwls.org
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
      boundary="29F8D4C00090.1099673884/barracuda.stmarysschool.org"
Message-Id: <20041105165804.818214C00094@barracuda.stmarysschool.org>
Return-Path: <>
X-OriginalArrivalTime: 05 Nov 2004 16:57:13.0875 (UTC) FILETIME=[7F9CFE30:01C4C358]

--29F8D4C00090.1099673884/barracuda.stmarysschool.org
Content-Description: Notification
Content-Type: text/plain

--29F8D4C00090.1099673884/barracuda.stmarysschool.org
Content-Description: Delivery error report
Content-Type: message/delivery-status

--29F8D4C00090.1099673884/barracuda.stmarysschool.org
Content-Description: Undelivered Message
Content-Type: message/rfc822

X-ASG-Debug-ID: 1099673884-27638-2-0
X-Barracuda-URL: http://172.16.0.98:8000/cgi-bin/mark.cgi
X-ASG-Whitelist:  Sender
Received: from relay1.mail.twtelecom.net (relay1.mail.twtelecom.net [216.136.102.250])
      by barracuda.stmarysschool.org (Spam Firewall) with ESMTP id 0FE99200009C
      for <mCENSORED@stmarysschool.org>; Fri,  5 Nov 2004 10:58:04 -0600 (CST)
Received: from mail.musowls.org (unknown [66.162.168.3])
      by relay1.mail.twtelecom.net (Postfix) with SMTP id 962E557D7
      for <mCENSORED@stmarysschool.org>; Fri,  5 Nov 2004 09:54:42 -0600 (CST)
content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
      charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-MimeOLE: Produced By Microsoft Exchange V6.0.6375.0
X-ASG-Orig-Subj: 10:56 a.m. Friday
Subject: 10:56 a.m. Friday
Date: Fri, 5 Nov 2004 10:57:12 -0600
Message-ID: <591676CFA5F36E48BA079A2CF80DF76C0F3E49@tc-campus.muscampus.local>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: 10:56 a.m. Friday
Thread-Index: AcTDWH42FoRBwM/XSr2jx1kV48OwdQ==
From: "ME" <ME@MUSOwls.org>
To: "MCENSORED (E-mail)" <mCENSORED@stmarysschool.org>
X-Virus-Scanned: by Barracuda Spam Firewall at stmarysschool.org
X-Barracuda-Spam-Score: 0.00
X-Barracuda-Spam-Status: No, SCORE=0.00 using global scores of TAG_LEVEL=3.0 QUARANTINE_LEVEL=9.0 KILL_LEVEL=3.5


--29F8D4C00090.1099673884/barracuda.stmarysschool.org--

--------------------------------------------------------------------
ccceqo2

It sounds like the recipient email address format has gotten mangled up.
It might be worth trying from a different email client and/or by just typing the recipient address only in the to field.
why did you create the second smtp virtual server?  the default smtp virtual server would have been sufficient to relay messages through your ISP...
MWhiteside

ASKER

I CENSORED out the recipient email address just so no one could see it posted here ;).

And I made the second smtp virtual server just to cover all my bases.  And from the looks of the Internet Header it does look like it's getting relayed through Time Warner's email server.  So I'm still not sure why it's bouncing back.
on your default virtual smtp server is the fully qualified domain name on the advanced delivery tab "tc-campus.muscampus.local"... if so... try changing it to mail.musowls.org and click check dns and see if it can resolve... then click ok... do this on the other virtual smtp server also unless you decide to get rid of it...  this way the message id will match your external domain name... it might be something with how the barracuda spam filter on their end is parsing the header...
Weird.  How did you find out "tc-campus.muscampus.local"????  Did you telnet to mail.musowls.org port 25 and see that??  Changed the fqdn to mail.musowls.org about 3 days ago in the Default Virtual smtp server.  If you did see that by telnetting why hasn't the change taken effect?  I restarted the Microsoft Exchange Routing Engine and the SMTP service.  And you told me to change it at the second SMTP Connector, but there isn't a place to change it.  Should I just get rid of the second one, because I only added it to try and solve this issue???  It's not for any other use.
Ohh I see, you saw TC-Campus.muscampus.local in the internet Header stuff
ok... do you have a more recent header from an email that was sent back after the change had taken effect?
The one I've posted is from today.  I made the change about 3 days ago.  I don't know why the tc-campus.muscampus.local would show up.  I haven't rebooted the server, so maybe the change hasn't totally taken effect.  I'm not sure why it still shows.
the only thing I could think of is a configuration problem on their barracuda... they probably need to specifically allow your domain to come through... their spam filter may be catching it... it won't necessarily give you a reason so you don't try and find a way around it...
I realise you censored it out, my suggestion was based on the error number from their server. That and the fact that neither your server nor your ISP's server could send it.
Well I rebooted the server and that didn't change anything.  Does the Internet Header saying "Message-ID: <591676CFA5F36E48BA079A2CF80DF76C0F3E49@tc-campus.muscampus.local>" have anything to do with this?  How can I change it to say mail.musowls.org?  And cccego2, I see what you're talking about.  I tried telnetting to barracuda.stmarysschool.org, but couldn't.  I telnetted to mail.stmarysschool.org on port 25 and did
helo mail.musowls.org  <---- Also typed in just musowls.org and that worked too
mail from: me@musowls.org
rcpt to: m@stmarysschool.org
data
blah blah
.
quit
And it all goes through fine.  I also telnetted to mail.chrl.twtelecom.net and did the same thing and it worked.  So it doesn't seem to reject mail.musowls.org domain or musowls.org.  It seems that the problem is not on my end.  I think it has something to do with the barracuda.  Any more ideas?  I'm going to try and get ahold of their SMTP logs and see what it shows.
What I meant was maybe your email client like outlook express is turning the email address into a format that their mail server doesn't like.

Error 553 generally means "mailbox name not allowed". This might happen if your email client had stored the email address and name wrong or had some bug (think outlook express). Therefore what I was suggesting is to use some other version of email client, point its SMTP outgoing setup to YOUR mail server, type in just the plain email address without the <Contact Name> Part at the front and try sending a test message to the problem address.
For our more savvy users, here is information on the extra headers that each message will contain.
X-Barracuda-Spam-Flag: YES
This tag will be present if the Barracuda believes the message to be spam, if it has a score of 3.5. If you believe this is too restrictive, you may base your filter on the X-Barracuda-Spam-Score header instead. This header will not be present otherwise if the score is lower than 3.5.
X-Virus-Scanned: by Barracuda Spam Firewall at dcn.davis.ca.us
This tag will be present in all messages scanned by the Barracuda.
X-Barracuda-Spam-Score
The Barracuda scores messages by using SpamAssassin, and this tag reports that score. Messages with a score of 3.5 or higher will contain a "[SPAM?]" subject prefix. Messages that score 9 or higher will not be delivered to your mailbox.
X-Barracuda-Spam-Status
This tag mentions which SpamAssassin rules matched with the message.
X-Barracuda-Spam-Report
This tag includes a detailed report on the rules matched with the message. It will look something like this:

pts  rule name              description
---- ---------------------- -------------------------------------------
0.3 NO_REAL_NAME           From: does not include a real name
1.7 HTML_IMAGE_ONLY_06     BODY: HTML: images with 400-600 bytes of words
0.1 HTML_60_70             BODY: Message is 60% to 70% HTML
0.6 HTML_WEB_BUGS          BODY: Image tag intended to identify you
0.1 HTML_FONTCOLOR_BLUE    BODY: HTML font color is blue
0.0 HTML_MESSAGE           BODY: HTML included in message
0.1 HTML_FONTCOLOR_UNSAFE  BODY: HTML font color not in safe 6x6x6 palette
0.1 HTML_TAG_EXISTS_TBODY  BODY: HTML has "tbody" tag
0.1 MIME_HTML_ONLY         BODY: Message only has text/html MIME parts
1.5 HTML_FONT_INVISIBLE    BODY: HTML font color is same as background
0.1 HTML_FONTCOLOR_RED     BODY: HTML font color is red
1.1 MAILTO_TO_SPAM_ADDR    URI: Includes a link to a likely spammer email
0.2 HTTP_WITH_EMAIL_IN_URL URI: 'remove' URL contains an email address
So, it looks like the spam filter has said your message is fine, since it got a score of 0.

X-Barracuda-Spam-Score: 0.00
X-Barracuda-Spam-Status: No, SCORE=0.00 using global scores of TAG_LEVEL=3.0 QUARANTINE_LEVEL=9.0 KILL_LEVEL=3.5
Further to my original suggestion, next maybe investigate this line:
Received: from mail.musowls.org (unknown [66.162.168.3])
I think your FQDN should be in place of that unknown? If that was the problem it would explain the 553 error.
The person in charge of the server on the other end is seeing the SMTP log as

Tue, Nov 9, 2004 2:10:48 PM - SMTP Server has rejected a message from <me@MUSOwls.org>. Preferences for host "MUSOwls.org" indicate mail from this host is to be rejected.

When I try and send an email.  She says it's getting past the Barracuda.  Also the email server is an
Appleshare IP 6.3
Problem is solved.  It was on the other School's end.  Here's the reply of what they did on the other end

"I really don't know. I called TW telecom and they didn't think it was on their end. Even though the bounce msg you received said it was from the Barracuda, that was not the problem. The Barracuda Spam filter shows all mail from MUS being allowed. The only thing I did was delete MUS from the HOST list (it was cached) and added it back manually. I suppose that could have been the problem, but don't know for sure. "

So she deleted MUS from the Apple server's HOST list and re-added it.
glad to hear you got it fixed... didn't think it was a problem on your end... corrupted cache list... hmm... that would explain the unknown in the header... have to remember that one...
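
Added example (not part of any post in this thread): a Python sketch that parses the diagnostic line and the two Received headers from the NDR quoted in the question, showing that the 553 was issued by the host behind the Barracuda (172.16.0.2) in reply to MAIL FROM, and that the ISP relay recorded the sender's client name as `unknown`. The function and field names are illustrative assumptions; the sample strings are copied from the NDR above.

```python
import re

# Diagnostic line and Received headers copied from the NDR posted in this thread.
NDR_DIAG = ("< barracuda.stmarysschool.org #5.0.0 X-Spam-Firewall; host 172.16.0.2[172.16.0.2] "
            "said: 553 Bad    parameters to MAIL command. (in reply to MAIL FROM command)>")
RECEIVED = [
    "from relay1.mail.twtelecom.net (relay1.mail.twtelecom.net [216.136.102.250]) "
    "by barracuda.stmarysschool.org (Spam Firewall) with ESMTP id 0FE99200009C",
    "from mail.musowls.org (unknown [66.162.168.3]) "
    "by relay1.mail.twtelecom.net (Postfix) with SMTP id 962E557D7",
]

DIAG_RE = re.compile(
    r"<\s*(?P<reporter>\S+)\s+#(?P<status>\d\.\d+\.\d+)\s.*?"
    r"host\s+(?P<remote>[^\s\[]+)\[(?P<ip>[^\]]+)\]\s+said:\s+"
    r"(?P<code>\d{3})\s+(?P<text>.*?)\s*\(in reply to (?P<stage>.+?) command\)")
HOP_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?P<rdns>\S+)\s+\[(?P<ip>[^\]]+)\]\)\s+by\s+(?P<by>\S+)")

def parse_diag(line):
    """Split a bounce diagnostic into the MTA that reported it and the host that said it."""
    m = DIAG_RE.search(line)
    if not m:
        return None
    d = m.groupdict()
    d["text"] = " ".join(d["text"].split())      # collapse the run of spaces
    d["permanent"] = d["code"].startswith("5")   # 5xx = permanent failure
    # If the host that "said" the reply differs from the reporter, the reporter
    # is only passing on a rejection issued by the next server in the chain.
    d["rejected_downstream"] = d["remote"] != d["reporter"]
    return d

def parse_hops(headers):
    """Return hops oldest-first; flag hops where the client name was recorded as unknown."""
    hops = []
    for h in reversed(headers):                  # headers are stacked newest-first
        m = HOP_RE.search(h)
        if m:
            hop = m.groupdict()
            hop["rdns_unverified"] = hop["rdns"] == "unknown"
            hops.append(hop)
    return hops

if __name__ == "__main__":
    print(parse_diag(NDR_DIAG))
    for hop in parse_hops(RECEIVED):
        print(hop)
```
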