Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Email not being sent by smarthost

Posted on 2006-06-28
9
Medium Priority
?
824 Views
Last Modified: 2008-01-09
I have an exchang 2003 server setup that has been running wihtout problems for a few years. Just this week, I changed the connector to forward mail to a smart host. This is a computer on my "optional" network as a Watchguard firewall would term it which has all ports opened between them on the firewall. Most email is being sent without problems, but I have a few that are either sitting in the queue on the smarthost (C:\Inetpub\mailroot\Queue). I have a user who got a NDR stating that his email was returned because "You do not have permission to send to this recipient".

I dont understand if that error message is coming from my side or theirs.

If I look in the event viewer on the smart host, I see a ton of smtpsvc notices that say: "Message delivery to the host 'x.x.x.x' failed while delivering to the remote domain 'x.com' for the following reason: The connection was dropped by the remote host."

What might cause this connection to be dropped?

I have run NSLOOKUP, SMTP DIAG, and checked to ensure I was setup for reverse dns. All came back saying all is OK. Both nslookup and smtp diag successfully translated the address and I am also able to
telnet to mail.domain.com 25

I dont understand enough about what may have happened while sending to the smarthost. Most email is being sent fine, but just a few are having problems.

Thanks.
0
Comment
Question by:adembo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 
LVL 2

Author Comment

by:adembo
ID: 17004005
The smarthost is not a member of my domain. Reverse DNS is setup to resolve to the mail.domain.com as I have it, but that is then NAT'd to my mail server and not the smart host. Does that give problems being that the FQDN that is for my email domain is not the same as my smart host?
0
 
LVL 7

Expert Comment

by:ingetic
ID: 17004055
Is the smathost an ISP one, or a samrthost where you have full relay rights without detecting if it can be a spam or , ...
0
 
LVL 7

Expert Comment

by:ingetic
ID: 17004065
Why don't you use a smarthost if the smarthost is not in your domain instead of simply create a connector ?
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 2

Author Comment

by:adembo
ID: 17004070
The smarthost is mine. I have it setup to allow relaying from my mailserver. (By IP)
0
 
LVL 2

Author Comment

by:adembo
ID: 17004084
Not sure I understand you. I did create a connector on my mail server which is forwarding the mail to my smarthost (gateway server). This is done because of our GFI mailessentials software. It can scan the email before it reaches our mailserver. I dont want the smarthost to have rights onto our domain in case of virus outbreak.

0
 
LVL 7

Expert Comment

by:ingetic
ID: 17004178
ont the smarthost, do you have GFI mailessentials . mailsecurity . ??? .
0
 
LVL 13

Accepted Solution

by:
prashsax earned 1500 total points
ID: 17004297
It could be due to some domains have installed antispam solutions.

And when your smarthost tries to send the mail on behalf of your domain, the antispam server will try and do a reverse lookup. Now the reverse lookup will resolves to some other IP address.(Other than your smarthost).

So the antispam server will drop the email as the mail server for your domain is not the one trying to send mail on your behalf.

To, solve this, create another MX record for your domain name and point to smarthost with some high preference number.(So that I should not be used).

With this, antispam server will not drop your mails.
0
 
LVL 2

Author Comment

by:adembo
ID: 17008962
It looks like this was related to my reverse dns lookup. When I went to www.dnsstuff.com and did a query for it, it showed correctly. When I sent an email to my email account (on the internet) I noticed that it had the wrong IP address for it. This was caused by my Watchguard firewall which was labeling any outgoing traffic with the same IP. When I changed that, the email is not being received by the destination.

Thanks for help.
0
 
LVL 2

Author Comment

by:adembo
ID: 17008969
I accepted prashax's response because he/she was on the right track.

0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam® is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question