Exchange 2000 - Email bounces back for certain Domain

I cannot send email to a certain domain "".  My domain is and my MX Record is and my PTR is  We've been having this problem for a while.  Time Warner is our ISP and they told us to Relay all our Email through their mail server  So I went into Exchange System Manager under Servers under Protocols under SMTP and right-clicked SMTP Default Virtual Server and selected properties.  Went to Delivery tab and then Advanced button and then put in as a Smart Host.  I also made a new SMTP Connector and called it Problematic Domains and for its properties I selected Forware all mail through this connector to the following smart hosts and typed in, added my bridgehead server then went to the Address Space Tab and added an SMTP domain * then I clicked Allow messages to be relayed to this domain.  I'm not sure what else could be done.  Also if you telnet to port 25 on our it gives a weird greeting with asteriks in the greeting.

here's the NDR I get when it bounces back to me.

The following recipient(s) could not be reached: on 11/5/2004 10:58 AM
            The e-mail system was unable to deliver the message, but did not report a specific reason.  Check the address and try again.  If it still fails, contact your system administrator.
            < #5.0.0 X-Spam-Firewall; host[] said: 553 Bad    parameters to MAIL command. (in reply to MAIL FROM command)>

A more detailed analysis is the internet header of the email

Microsoft Mail Internet Headers Version 2.0
Received: from ([]) by with Microsoft SMTPSVC(5.0.2195.6713);
       Fri, 5 Nov 2004 10:57:13 -0600
Received: by (Spam Firewall)
      id 818214C00094; Fri,  5 Nov 2004 10:58:04 -0600 (CST)
Date: Fri,  5 Nov 2004 10:58:04 -0600 (CST)
From: MAILER-DAEMON (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
Message-Id: <>
Return-Path: <>
X-OriginalArrivalTime: 05 Nov 2004 16:57:13.0875 (UTC) FILETIME=[7F9CFE30:01C4C358]

Content-Description: Notification
Content-Type: text/plain

Content-Description: Delivery error report
Content-Type: message/delivery-status

Content-Description: Undelivered Message
Content-Type: message/rfc822

X-ASG-Debug-ID: 1099673884-27638-2-0
X-ASG-Whitelist:  Sender
Received: from ( [])
      by (Spam Firewall) with ESMTP id 0FE99200009C
      for <>; Fri,  5 Nov 2004 10:58:04 -0600 (CST)
Received: from (unknown [])
      by (Postfix) with SMTP id 962E557D7
      for <>; Fri,  5 Nov 2004 09:54:42 -0600 (CST)
content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
Content-Transfer-Encoding: quoted-printable
X-MimeOLE: Produced By Microsoft Exchange V6.0.6375.0
X-ASG-Orig-Subj: 10:56 a.m. Friday
Subject: 10:56 a.m. Friday
Date: Fri, 5 Nov 2004 10:57:12 -0600
Message-ID: <591676CFA5F36E48BA079A2CF80DF76C0F3E49@tc-campus.muscampus.local>
Thread-Topic: 10:56 a.m. Friday
Thread-Index: AcTDWH42FoRBwM/XSr2jx1kV48OwdQ==
From: "ME" <>
To: "MCENSORED (E-mail)" <>
X-Virus-Scanned: by Barracuda Spam Firewall at
X-Barracuda-Spam-Score: 0.00
X-Barracuda-Spam-Status: No, SCORE=0.00 using global scores of TAG_LEVEL=3.0 QUARANTINE_LEVEL=9.0 KILL_LEVEL=3.5


Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

It sounds like the recipient email address format has gotten mangled up.
It might be worth trying from a different email client and/or by just typing the recipient address only in the to field.
why did you create the second smtp virtual server?  the default smtp virtual server would have been sufficient to relay messages through your ISP...
MWhitesideAuthor Commented:
I CENSORED out the recipient email address just so no one could see it posted here ;).

And I made the second smtp virtual server just to cover all my bases.  And from the looks of the Internet Header it does look like its getting relayed through Time Warners email server.  So I'm still not sure why it's bouncing back.
ON-DEMAND: 10 Easy Ways to Lose a Password

Learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees in this on-demand webinar. We cover the importance of multi-factor authentication and how these solutions can better protect your business!

on your default virtual smtp server is the full qualified domain name on the advanced delivery tab "tc-campus.muscampus.local"... if so... try changing it to and click check dns and see if it can resolve... then click ok... do this on the other virtual smtp server also unless you decide to get rid of it...  this way the message id will match your external domain name... it might be something with how the barracuda spam filter on their end is parsing the header...
MWhitesideAuthor Commented:
Weird.  How did you find out "tc-campus.muscampus.local"????  Did you telnet to port 25 and see that??  Changed the fqdn to about 3 days ago in the Default Virtual smtp server.  If you did see that by telneting why hasn't the change taken affect?  I restarted the Microsoft Exchange Routing Engine and the SMTP service.  And you told me to change it at the second SMTP Connector, but there isn't a place to change it.  Should I just get rid of the second one, because I only added it to try and solve this issue???  It's not for any other use.
MWhitesideAuthor Commented:
Ohh I see, you saw TC-Campus.muscampus.local in the internet Header stuff
ok... do you have a more recent header from an email that was sent back after the change had taken effect?
MWhitesideAuthor Commented:
The one I've posted is from today.  I made the change about 3 days ago.  I don't know why the tc-campus.muscampus.local would show up.  I haven't rebooted the server, so maybe the change hasn't totally taken affect.  I'm not sure why it still shows.
the only thing I could think of is a configuration problem on their barracuda... they probably need to specifically allow your domain to come through... their spam filter may be catching it... it won't necessarily give you a reason so you don't try and find a way around it...
I realise you censored it out, my suggestion was based on the error number from their server. That and the fact that neither your server nor your ISP's server could send it.
MWhitesideAuthor Commented:
Well I rebooted the server and that didn't change anything.  Does the Internet Header saying "Message-ID: <591676CFA5F36E48BA079A2CF80DF76C0F3E49@tc-campus.muscampus.local>" have anything to do with this?  How can I change it to say  And cccego2, I see what your talking about.  I tried telneting to, but couldn't.  I telneted to on port 25 and did
helo  <---- Also typed in just and that worked too
mail from:
rcpt to:
blah blah
And it all goes through fine.  I also telneted to and did the same thing and it worked.  So it doesn't seem to reject domain or  It seems that the problem is not on my end.  I think it has something to do with the barracuda.  Any more idea's?  I'm going to try and get ahold of their SMTP logs and see what it shows.
What I meant was maybe your email client like outlook express is turning the email address into a format that their mail server doesn't like.

Error 553 generally means "mailbox name not allowed". This might happen if your email client had stored the email address and name wrong or had some bug (think outlook express). Therefore what I was suggesting is to use some other version of email client, point it's SMTP outgoing setup to YOUR mail server, type in just the plain email address without the <Contact Name> Part at the front and try sending a test message to the problem address.
For our more savvy users, here is information on the extra headers that each message will contain.
X-Barracuda-Spam-Flag: YES
This tag will be present if the Barracuda believes the message to be spam, if it has a score of 3.5. If you believe this is too restrictive, you may base your filter on the X-Barracuda-Spam-Score header instead. This header will not be present otherwise if the score is lower than 3.5.
X-Virus-Scanned: by Barracuda Spam Firewall at
This tag will be present in all messages scanned by the Barracuda.
The Barracuda scores messages by using SpamAssassin, and this tag reports that score. Messages with a score of 3.5 or higher will contain a "[SPAM?]" subject prefix. Messages that score 9 or higher will not be delivered to your mailbox.
This tag mentions which SpamAssassin rules matched with the message.
This tag includes a detailed report on the rules matched with the message. It will look something like this:

pts  rule name              description
---- ---------------------- -------------------------------------------
0.3 NO_REAL_NAME           From: does not include a real name
1.7 HTML_IMAGE_ONLY_06     BODY: HTML: images with 400-600 bytes of words
0.1 HTML_60_70             BODY: Message is 60% to 70% HTML
0.6 HTML_WEB_BUGS          BODY: Image tag intended to identify you
0.1 HTML_FONTCOLOR_BLUE    BODY: HTML font color is blue
0.0 HTML_MESSAGE           BODY: HTML included in message
0.1 HTML_FONTCOLOR_UNSAFE  BODY: HTML font color not in safe 6x6x6 palette
0.1 HTML_TAG_EXISTS_TBODY  BODY: HTML has "tbody" tag
0.1 MIME_HTML_ONLY         BODY: Message only has text/html MIME parts
1.5 HTML_FONT_INVISIBLE    BODY: HTML font color is same as background
0.1 HTML_FONTCOLOR_RED     BODY: HTML font color is red
1.1 MAILTO_TO_SPAM_ADDR    URI: Includes a link to a likely spammer email
0.2 HTTP_WITH_EMAIL_IN_URL URI: 'remove' URL contains an email address
So, it looks like the spam filter has said your message is fine, since it got a score of 0.

X-Barracuda-Spam-Score: 0.00
X-Barracuda-Spam-Status: No, SCORE=0.00 using global scores of TAG_LEVEL=3.0 QUARANTINE_LEVEL=9.0 KILL_LEVEL=3.5
Further to my original suggestion, next maybe investigate this line:
Received: from (unknown [])
I think your FQDN should be in place of that unkown? If that was the problem it would explain the 553 error.
MWhitesideAuthor Commented:
The person in charge of the server on the other end is seeing the SMTP log as

Tue, Nov 9, 2004 2:10:48 PM - SMTP Server has rejected a message from <>. Preferences for host "" indicate mail from this host is to be rejected.

When I try and send an email.  She says it's getting past the baracuda.  Also the email server is an
Appleshare IP 6.3
MWhitesideAuthor Commented:
Problem is solved.  It was on the other School's end.  Here's the reply of what they did on the other end

"I really don't know. I called TW telecom and they didn't think it was on there end. Even though the bounce msg you received said it was from the Barracuda, that was not the problem. The Barracuda Spam filter show all mail from MUS being allowed. The only thing I did was delete MUS from the HOST list (it was cached) and added it back manually. I suppose that could have been the problem, but don't know for sure. "

So she deleted MUS from the apple servers HOST list and readded it.
glad to hear you got it fixed... didn't think it was a problem on your end... corrupted cache list... hmm... that would explain the unknown in the header... have to remember that one...
Hello... this is what I was saying above... where I said it should have your domain and it actually had "uknown". By investigating this we would have figured out that the receiving server could not resolve your domain. This turns out to be exactly the case, as you say they had some weird entry in their hosts file.

I already pointed out that the barracuda was not blocking your mail too.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Protocols

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.