Solved

Getting NDR 3030 Errors for all emails sent to One specific Mail Domain mail.charter.net - SMTP unable to authenticate

Posted on 2006-06-11
21
891 Views
Last Modified: 2008-01-09
Hello,

This has been killing me.  I am not listed as a spam relay on dnsstuff.com.  I don't show any DNS issues as I can ping and resolve mail.charter.net.  I do not get NDR errors for any other domain.  I can send email no problem to anyone on the charter.net domain from my yahoo account.  My queue is stuck on retry for charter.net and when I try to authenticate to it using telnet mail.charter.net 25, I get the correct prompt.  

Our office is on Exchange 2003 with SBS 2003.  I have read the articles Q_21190821 and a few others on expert-exchange but can't seem to get anywere with this problem.  Can anyone tell me how to make the authentication with this mail domain work again?

Thank you so much in advance for any help I can get.
0
Comment
Question by:sdcoker
  • 11
  • 7
  • 3
21 Comments
 
LVL 3

Expert Comment

by:papimichel
ID: 16883441
do you have active directory configured with the same domain name ?
0
 

Author Comment

by:sdcoker
ID: 16883462
My internal domain name is domainname.local and this is what's  configured with AD

I do host three different mail domains on this same server using Recipient policies.   charter.net has always  worked  as someone hosts an e-commerce  site on one of my servers and all email  orders  received go  to  her charter.net  email account
0
 

Author Comment

by:sdcoker
ID: 16883476
Could Charter.net be rejecting my server's login for some  reason  all of a sudden?
0
 

Author Comment

by:sdcoker
ID: 16883489
I do see one other diifferent mail domain  called greaterbar.net stuck on retry in the queue.
0
 

Author Comment

by:sdcoker
ID: 16883539
I  have another server on a different class C network segment totally separated from this server who is on a different class B network and firewall  alltogether.   I tried sending an  email  to  charter.net from that Exchange server and got the same  problem.  May be a problem with  the ISP  but I've never seen this before.  Sorry about  the rambling.   just  trying to provide as much info as possible before I call the ISP.
0
 
LVL 3

Assisted Solution

by:papimichel
papimichel earned 250 total points
ID: 16883544
try to resolve charter.net  from the server machine it might give you an answer.
to do so type:
nslookup -type=mx charter.net

(from the command prompt)
you should get:
charter.net     MX preference = 10, mail exchanger = mail.charter.net

charter.net     nameserver = auth1.ns.charter.net
charter.net     nameserver = auth2.ns.charter.net
charter.net     nameserver = auth0.ns.charter.net
mail.charter.net        internet address = 209.225.8.224
auth2.ns.charter.net    internet address = 209.225.8.43

then try to telnet mail.charter.net on port 25
if succedds, there might be another technical problem..
by the way if you post the error text it could help ..

Yours,
Michel
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16885385
Have you checked, if your Exchange have any special SMTP connectors specified for this domain.

If the connector is specified incorrectly, your Exchange will not use MX record.

See, that you have only default connector and no other in Exchange.
0
 

Author Comment

by:sdcoker
ID: 16886448
papmichael,

I get
charter.net     MX preference = 10, mail exchanger = mail.charter.net

but I do not get the rest of the info below that you have starting with nameserver=auth1.ns.charter.net

I am able to successfully telnet to mail.charter.net port 25

prashsax the default SMTP connector is setup with default settings and has not changed.
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16886497
Does mail.charter.net resolves for Internal IP address or a Public IP address from your exchange server.
0
 

Author Comment

by:sdcoker
ID: 16886510
it resolves doing this straight from the exchange server:

C:\>ping mail.charter.net

Pinging mail.charter.net [209.225.8.224] with 32 bytes of

Reply from 209.225.8.224: bytes=32 time=37ms TTL=50
Reply from 209.225.8.224: bytes=32 time=43ms TTL=50
Reply from 209.225.8.224: bytes=32 time=31ms TTL=50
Reply from 209.225.8.224: bytes=32 time=31ms TTL=50

Ping statistics for 209.225.8.224:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 31ms, Maximum = 43ms, Average = 35ms
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 13

Accepted Solution

by:
prashsax earned 250 total points
ID: 16886601
Can you try and send the mail directly to the mail server using telnet.

here is how, just open command prompt and type just like this.

telnet mail.charter.net 25
helo localdomainname.com
mail from:your_email_id@localdomainname.com
rcpt to:receipent_username@charter.net
data
subject:Test mail
test mail
.

Put the dot in last line.

This should give you message that your mail has been queued for delivery.

Could you try this.
0
 

Author Comment

by:sdcoker
ID: 16886738
Ok, now we see an error Prashsax.  Here is what I get:

553 #5.1.8 Domain of sender address sdcoker@domain.local> does not resolve
mail from:user@mydomain.com
250 sender user@mydomain.com> ok
rcpt to:user@charter.net
452 Too many recipients received this hour

Do you know what my next move would be on this?
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16886836
Ok, they have installed some sort of ANTI-SPAM software which limits the number of emails received per hour.

The problem is likely to be on the charter.net.

You may be lucky one some occasion when you have send mail from yahoo.com

Try and send mail from both places simultaneously.

Yahoo is able to send mails because they try for couple of hours and may be in next hour the limit of mail received is not finished.

This problem is not at your end. You need to call them.(charter.net)
0
 
LVL 3

Expert Comment

by:papimichel
ID: 16887040
digging it up finally gave us the answer..
:)

0
 

Author Comment

by:sdcoker
ID: 16889764
One of our customers who uses a user@charter.net call them and they said that the way around it would be to use the mail.charterinternet.com mail domain name.  This resolves to a different ip address then just mail.charter.net.  

How do I tell my server to use this ip for mx record?  Do I add a host A record in DNS?
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16889831
Just create a SMTP Connector for charter.net domain and specify IP address of mail.charterinternet.com.

This would make exchange to use the mail.charterinternet.com instead of MX record.

0
 
LVL 13

Expert Comment

by:prashsax
ID: 16889834
Sorry, forgot this link to Configuring SMTP connectors.

http://www.msexchange.org/tutorials/Configuring-SMTP-Connector.html
0
 

Author Comment

by:sdcoker
ID: 16890359
Hey Prashsax, I created the smtp connector for charter.net and named the address space charter.net with cost of 1 but I don't see anywhere in this article where the config is for putting in the ip address for mail.charterinternet.com.
0
 

Author Comment

by:sdcoker
ID: 16891330
Sorry, I didn't mean to address that question to one person.  Anyone?
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16893070
Goto General Tab on the connector properties.

Choose the Option of "Forward all mails through this connector......"
Then in the text box below, fill in the IP address.

Make sure your put IP address within Square brackets.

e.g [95.65.78.102]



0
 

Author Comment

by:sdcoker
ID: 16904418
Thank you Papmichel and Prashsax.

That address charter gave me didn't work but we were able to get someone over there to finally lift the block on our IP address for SMTP communication with whatever spam filter software they use.  Thanks again for your help.  I learned a lot from you guys on this one.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now