Solved

Outgoing mail to one outside domain is stuck

Posted on 2006-06-13
18
347 Views
Last Modified: 2010-03-06
For the past few days I have been having problems sending email messages to receipants of a single domain. To be clear this is an external internet domain -- not an active directory domain.

My users are receiving NDR Delay messages, and ultimatly NDR messages for these emails. I have looked thourhg the Event Logs and enchange logs but can not figure out what the problem is. From System Manager I can see the messages sitting in the queue.

I am able to use nslookup from the exchange server and return the mail servers that we should be connecting to.

Does anyone have any suggestions on what I can do here?
0
Comment
Question by:richard_west
  • 7
  • 3
  • 3
  • +3
18 Comments
 
LVL 13

Expert Comment

by:eatmeimadanish
Comment Utility
You may need to create an smtp connector to the domains in question.

http://www.amset.info/exchange/smtp-connector.asp

Let me know.
0
 
LVL 13

Expert Comment

by:eatmeimadanish
Comment Utility
Also, one other thing, make sure you have a reverse DNS entry setup with your ISP.  This isn't always done on their side, and many mail servers require this before allowing mail connections.  

You can check this at http://www.dnsstuff.com
0
 
LVL 27

Expert Comment

by:Exchange_Admin
Comment Utility
FYI
In the future post the actual NDR. This helps in resolving the issue.
More than likely the above suggestions will resolve your issue.
0
 
LVL 4

Expert Comment

by:Nat_c
Comment Utility
Hi richard_west,

Was there anything in the  NDR to explain what the problem was? can you post an example of the NDR.

eatmeimadanish could be along the right line with it being a reverse DNS issue, but if that's the case I would expect you to have problems sending to more than one domain, aol.com among others.

Nat
0
 
LVL 1

Author Comment

by:richard_west
Comment Utility
Your message did not reach some or all of the intended recipients.

      Subject:      RE: Subject was here
      Sent:      6/13/2006 10:01 AM

The following recipient(s) could not be reached:

      'Leon.Black@<<domainwashere>>.com' on 6/13/2006 10:28 AM
            This message was rejected due to the current administrative policy by the destination server.  Please retry at a later time.  If that fails, contact your system administrator.
            <mail.<<mydomainwashere>>.com #4.3.2>
0
 
LVL 1

Author Comment

by:richard_west
Comment Utility
The domain I'm sending the mail message to is equifax.com

I'm posting this in another message to prevent spam bots from seeing it, however I think that the domain name would be helpful in any suggestions that you might have.
0
 
LVL 5

Expert Comment

by:Amitspeedstar
Comment Utility

I think u will have to create a smtp connector for the particular domain from which the NDR is coming , try doing this and then report back with the detailed NDR this time , But i think it will resolve the problem .

Amit.
0
 
LVL 4

Expert Comment

by:Nat_c
Comment Utility
Did you use the link from eatmeimadanish to test if you have reverse DNS configured?

You could also try running a dns report from www.dnsreport.com, this should highlight any other DNS issues that could cause this problem.

Nat
0
 
LVL 1

Author Comment

by:richard_west
Comment Utility
My reverse DNS is configured, and I did verify it at dnsstuff.com
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 9

Expert Comment

by:Exchgen
Comment Utility
I feel the issue is on the remote end... did you check your outgoing IP, weather it is listed in any blacklist?

Also confirm that you have a reverse PTR for your outgoing IP and not the MX registered.

Raghu
0
 
LVL 1

Author Comment

by:richard_west
Comment Utility
Yes my reverse PTR is to the server sending the mail -- not the server that we have MX records for. I have checked and we are not on any blacklist -- at least according to dnsstuff.com.

I'm trying to contact someone on the remote end now -- but Equifax is a huge company and getting to the right people will be difficult at best.
0
 
LVL 9

Accepted Solution

by:
Exchgen earned 500 total points
Comment Utility
I agree to your concern...

Do we have any firewall running any kind of SMTP proxy or filtering?

Run your MX ip against www.checkdns.net and paste the output, you may want to rename domain names and IP.

Did we try smarthosting to the destination domain by creating a dedicated connector?

Raghu
0
 
LVL 13

Expert Comment

by:eatmeimadanish
Comment Utility
Have you built an SMTP connector yet and tried that?
0
 
LVL 1

Author Comment

by:richard_west
Comment Utility
I am in the process of building the connector right now. The hold up is determinig the address of my ISP smart host.

I will post back in a few minutes with those results.
0
 
LVL 1

Author Comment

by:richard_west
Comment Utility
Is there anyway to see the actuall error message returned from the remote SMTP server?
0
 
LVL 4

Expert Comment

by:Nat_c
Comment Utility
You can try telneting to "smtp1.experian.com 25" and try sending a message that way
0
 
LVL 1

Author Comment

by:richard_west
Comment Utility
Thanks for everyones help.

Turns out the problem was at our Firewall. For some reason it deceided that www.equifax.com was a spyware site and was blocking it. Let that be a warning to anyone using a Watchguard firewall -- the "smart" rules they have are not smart. Furthermore to disable them you must restart your firewall, even though you are told you do not have to -- it's a bug.
0
 
LVL 9

Expert Comment

by:Exchgen
Comment Utility
:D

Told you firewall....

Raghu
0

Featured Post

Promote certifications in your email signature

Has your company recently won an award or achieved a certification? They'll no doubt want to show it off. Email signature images used to promote certifications & awards can instantly establish credibility with a recipient and provide you with numerous benefits.

Join & Write a Comment

Suggested Solutions

"Migrate" an SMTP relay receive connector to a new server using info from an old server.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now