hcasaol
asked on
Not able to receive emails from certain domains. SBS 2003
I am having problems receiving email from certain domains. We seem to be receiving all email from other external domains just fine. Every test message that I send to myself is received instantly. We also have no problems sending email at all.
I noticed one thing, that if I watch the "Current Connections" in the Default SMTP Virtual Server I see a connection from that domain, but no one receives a message. Eventually the sender will get a bounce back that says the Connection Died.
I read of issues with EDNS and PIX Firewalls so I have tried disabling EDNS on my server, but that did not work. We are using a Sonicwall TZ 170 for our firewall.
Any suggestions of where to look or things to try would be very appreciated.
I noticed one thing, that if I watch the "Current Connections" in the Default SMTP Virtual Server I see a connection from that domain, but no one receives a message. Eventually the sender will get a bounce back that says the Connection Died.
I read of issues with EDNS and PIX Firewalls so I have tried disabling EDNS on my server, but that did not work. We are using a Sonicwall TZ 170 for our firewall.
Any suggestions of where to look or things to try would be very appreciated.
ASKER
Thanks for the suggestions ATIG, but DNS is fine. Check for yourself - My domain is creditfinancialsvc.com.
The PTR record is mail.creditfinancialsv.com .
I am able to telnet port 25 and send email that way.
We are not on any black list.
The PTR record is mail.creditfinancialsv.com
I am able to telnet port 25 and send email that way.
We are not on any black list.
Do you know what NDR is being generated at the other end?
The issues with the PIX firewall aren't caused by EDNS but by the device intercepting SMTP traffic to see if it is bogus. Some servers don't like what it does to the SMTP handshake. Are there any kind of email filtering options on your firewall?
Simon.
The issues with the PIX firewall aren't caused by EDNS but by the device intercepting SMTP traffic to see if it is bogus. Some servers don't like what it does to the SMTP handshake. Are there any kind of email filtering options on your firewall?
Simon.
ASKER
All filtering is disabled on my Sonicwall
The NDR says:
Connected to 204.60.227.65 but connection died. (#4.4.2)
Despite repeated attempts, this message could not be delivered
The NDR says:
Connected to 204.60.227.65 but connection died. (#4.4.2)
Despite repeated attempts, this message could not be delivered
That is something interfering with the connection.
What else is on the Exchange server? AV, Antispam? Anything else?
Simon.
What else is on the Exchange server? AV, Antispam? Anything else?
Simon.
ASKER
Just Symantec AV.
Like I said, I can see a session appear when I watch "Current Connections" in the Default SMTP Virtual Server. It will usually stay there for up to 300 seconds then disappear. It will then periodically reappear with no one receiving emails from them.
Like I said, I can see a session appear when I watch "Current Connections" in the Default SMTP Virtual Server. It will usually stay there for up to 300 seconds then disappear. It will then periodically reappear with no one receiving emails from them.
try switching on diagnotistic loggin for smtp resend mails from problem domains and check the logs
ASKER
Here is the log with only connection from that domain. I put x'x in the addresses to protect the other domain.
http://204.60.227.69/files/4-25_log.xls
http://204.60.227.69/files/4-25_log.xls
did you ever get this fixed? I have the same problem
ASKER
Sorry, I forgot to update the solution.
All I had to do was upgrade the firmware on the Sonicwall TZ 170 to the latest version and everything worked fine. I think the firewall with the older firmware had problems with MTU size.
All I had to do was upgrade the firmware on the Sonicwall TZ 170 to the latest version and everything worked fine. I think the firewall with the older firmware had problems with MTU size.
As you found your own solution, you need to get this question closed off by the moderators.
Post in the Support TA (top right corner) with a link to this question asking for the moderators to close the question and refund the points.
Don't accept this as an answer.
(Moderators you might want to delete this comment).
Simon.
Post in the Support TA (top right corner) with a link to this question asking for the moderators to close the question and refund the points.
Don't accept this as an answer.
(Moderators you might want to delete this comment).
Simon.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
1. nslookup <enter>
2. set type=mx
3. domain in question
this will get you the mx of the domain you are trying to reach
telnet domain in question 25
does this connect ? if not there is an issue with connectivity
another problem could be, do you have a ptr record for your sending server that is addressable from the internet?
Verify you are not on any block/black lists