We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

Email delay and undeliverable: Exchange Server, Sonicwall, or DNS?

GritsRGood
GritsRGood asked
on
Medium Priority
1,166 Views
Last Modified: 2013-11-30
I recently changed ISPs and the new IP used as our Sonicwall gateway address (which does NAT) did not have the reverse DNS set up correctly. We were soon blocked by spamhaus.org because of this. After we got unblocked we were soon blocked again. I'm not sure of the exact reason for being listed again, but one of the possibilities was that we had a compromised machine on our network that was a spambot.  I monitor network traffic and that did not seem to be the case to me.

Just for fun, I blocked all SMTP traffic from our LAN to the WAN only allowing traffic to two IPs...the SMTP server at our ISP and Blackberry redirection traffic.

Now folks are occasionally getting the following error:

Subject: Delivery Status Notification (Delay)
This is an automatically generated Delivery Status Notification.
THIS IS A WARNING MESSAGE ONLY.
YOU DO NOT NEED TO RESEND YOUR MESSAGE.
Delivery to the following recipients has been delayed.

       randomperson@email.com

Then days later possibly this message with "Undeliverable" in the subject line:

Your message did not reach some or all of the intended recipients.
 Subject:      RE: Joseph's email
      Sent:      7/17/2007 5:01 PM
The following recipient(s) could not be reached:
somebody@gmail.com on 7/19/2007 5:14 PM
            Could not deliver the message in the time limit specified.  Please retry or contact your administrator.
            <MAIL.MYDOMAIN.ORG #4.4.7>  <------------ Not actual domain name

This is through Exchange Server 2003 with a virtual smtp server set up to use my ISP's SMTP server.

It may be worth noting that incoming mail routes  through our web host and we also use the service of MXLogic.com for spam filtering. So when I do a reverse dns lookup everything looks fine except the following:

*ERROR* A record for mydomain.org. does not point back to original IP (A record may be cached).

Any help is greatly appreciated.





Comment
Watch Question

Expert of the Year 2007
Expert of the Year 2006
Commented:
Where did you configure the smart host? On the SMTP virtual server or on an SMTP Connector? If it was the first, do the second. IT is bad practise to put the smart host on the SMTP virtual server.

If you are getting delays from your server, then the problem is getting the email from your server to the ISP. Does the ISP have a cluster of servers for their smart host? Many do. Have you allowed access to all of the cluster?

Simon.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
It's configured on the connector. I saw that my old connector was still there (I had kept both in during the conversion...). I deleted the connector to the old ISP. Could that have caused the problem? If there are two connectors listed does it "round robin"?

I'm also checking the cluster angle. Great suggestion.
Expert of the Year 2007
Expert of the Year 2006

Commented:
If both connectors were configure for the namespace as * and the cost as 1, then they would both be used. Your old ISP may not allow connections to their smart host from outside of their network.

Simon.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.