?
Solved

Incoming Mail not arriving, no Return data

Posted on 2007-07-25
38
Medium Priority
?
1,848 Views
Last Modified: 2012-08-14
Exchange 2003 running on SBS 2003.  Has been working great the last 6 months. As of the 23rd we are unable to receive email from certain people outside of the network.  No returns are being generated to those users, its just as if the message disappears.  

We are receiving a lot of normal email and unless someone calls to ask if we got the message we have no idea they sent it.  

Any help is appreciated
0
Comment
Question by:cbecker79934
  • 17
  • 10
  • 3
  • +5
36 Comments
 
LVL 8

Expert Comment

by:thenone
ID: 19569689
Do you have any spam filters set up?
0
 

Author Comment

by:cbecker79934
ID: 19569718
Sorry forgot to mention, no filters other that the IMF which has been deactivated.
0
 
LVL 8

Expert Comment

by:thenone
ID: 19569792
could you give me some domains so I can do some research
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 

Author Comment

by:cbecker79934
ID: 19569810
mail.ropelpaso.com forwards to our IP (71.40.16.38) where the exchange server is

www.ropelpaso.com is a 3rd party hosted website...

0
 
LVL 8

Expert Comment

by:thenone
ID: 19569843
No could you give me a domain of the email that are not received.
0
 

Author Comment

by:cbecker79934
ID: 19569854
gordonmottpc.com

verderealty.com
0
 
LVL 5

Expert Comment

by:lecaf
ID: 19570175
when i telnet your email server I get

220 ropelpaso.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready
 Wed, 25 Jul 2007 15:52:06 -0600

maybe  Postfix EGGS and Butter doesn't like that try on exchange a masquarade domain like
"MAIL.ropelpaso.com" a host name not a domain


m   a    r     c
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19570200
You need to look at whether the email was actually delivered to your server or not.
Message tracking will tell you what Exchange did with the message and the SMTP logs will show if the remote server connected to your server.
As the recipient of the email there is very little you can do. The remote side needs to show the connection is being made to your server and the message delivered.

Simon.
0
 

Author Comment

by:cbecker79934
ID: 19570214
I have checked that (message tracker) and nothing from that domain shows up after the 23rd at 2:00PM.  

Shouldnt the users sending these have some sort of a return message?
0
 
LVL 12

Expert Comment

by:Imtiaz Hasham
ID: 19570221
i tested your server and its ok to receive mails from the internet
0
 

Author Comment

by:cbecker79934
ID: 19570252
Queues all show no messages pending.  I'm starting to lose my mind.

What else can I try?

Thanks for all the help
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19570308
If message tracking doesn't show any messages from that domain after that date, then Exchange hasn't received those messages. If you have SMTP logging enabled then you could look to see if their server has connected to your server and what the failure was.

Simon.
0
 

Author Comment

by:cbecker79934
ID: 19570320
Unfortunately I just turned logging on today...
0
 
LVL 2

Expert Comment

by:Will71
ID: 19570872
You can also ask the mail administrator of the sending server to look at their logs and see what is happening when an email is sent to your domain. Since you're not seeing it even reach your server, they should be able to see where it is failing (unless they're relaying through a smart host, in which case there would be another intermediary mail system that would need to check its logs).
0
 
LVL 7

Expert Comment

by:wct296
ID: 19571260
Find out a domain that you know you cannot receive emails from then do this - open a command window and type telnet mailserver:25 (where mailserver is your full mailserver domain name or IP)

you will be presented with a welcome message and a prompt
follow these commands

helo domain.com.au   (where domain = the domain where you cannot receive emails from) - ENTER
rcpt to: youremail@yourdomain.com  - ENTER
mail from: emailadddres@domainthatdoesnotreceivefrom.com (where the email is from someone you know you have not been able to receive emails from) - ENTER
data - ENTER
This is a test email from Me - ENTER
.

(note the dot on its own line will tell the email server that you are finished putting text into the email)

At this point it should say "Message sent" or something similar.. or you may get an error that helps you identify where the problem is...

See if you received the email

Good luck
0
 

Author Comment

by:cbecker79934
ID: 19576135
Ok I have been unable to get any help from the domains that are having trouble send us email (law firms).  So I am looking for volunteers,  would you please send an email to <email address removed> and I will post which ones I have received.  Hopefully one will get blocked and we can run with it from there.

I'm out of ideas, thanks again for your help!

Chris
0
 
LVL 2

Expert Comment

by:Will71
ID: 19576383
I just sent you one
0
 

Author Comment

by:cbecker79934
ID: 19576437
Got it, one down...
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19576450
If there is anything else installed on that machine that could be blocking messages you should start removing it.
AV, Antispam etc.
Disable IMF. Leave only recipient filtering enabled. I suspect that something is blocking the messages and the NDRs are probably being suppressed.

Simon.
0
 

Author Comment

by:cbecker79934
ID: 19576492
No AV, AS, IMF has been disabled.   I even disabled recipient filtering for a while.  Nothing has helped.  

Ideas?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19576508
You could be looking at a corrupt SMTP stack. However I would expect that to affect all users.
What is in front of the Exchange server? A firewall? Have you checked that isn't scanning SMTP mail?
Have you actually removed the AV and Antispam software? Disabling it is not enough.

Simon.
0
 

Author Comment

by:cbecker79934
ID: 19576538
Never installed AV or Antispam software.  It hasnt been a problem until recently...

Simple router is in front of the exchange server, I have verified that the proper ports are open.

Like you mention, why is this affecting only some incoming email and not all?

0
 

Author Comment

by:cbecker79934
ID: 19576571
Is there some way I can setup a filter or rule to accept mail from the domains that are not getting through?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19577698
Filter on what? You don't know what is blocking or causing the messages to be dropped. The messages do not appear in Exchange message tracking so Exchange hasn't got hold of the messages. If they are being delivered then something is going wrong between SMTP and Exchange. For that sort of problem there is one recommendation I would make, and that is to call Microsoft.

Simon.
0
 

Author Comment

by:cbecker79934
ID: 19578156
How about returning to a default configuration?

Like I said everything was working fine last week...
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19578407
Resetting SMTP to a default configuration is close to impossible. If something has gone wrong with SMTP you are looking at a removal of Exchange and then IIS so that it can all be reset. Microsoft Support are the best people to talk to about that.

Simon.
0
 

Author Comment

by:cbecker79934
ID: 19578513
OK finally I am getting some feedback from people sending email that is not getting through.  Here is one that never made it.
----
Your message did not reach some or all of the intended recipients.

      Subject:             Barracuda Networks

      Sent:                 7/24/2007 11:06 AM

The following recipient(s) could not be reached:

      cbecker@ropelpaso.com on 7/26/2007 11:18 AM

            The e-mail system was unable to deliver the message, but did not report a specific reason.  Check the address and try again.  If it still fails, contact your system administrator.
            < barracudaout.barracuda.com #4.0.0 X-Spam-Firewall; Could not start TLS: client failure>
---

 

 

 
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19578553
That isn't an Exchange server.
X-Spam-Firewall; Could not start TLS: client failure

Do you have a firewall in front of the server?
Ensure that you don't have require TLS enabled on the SMTP virtual server.

dnsreport.com is also reporting that your server is an open relay.
http://www.dnsreport.com/tools/dnsreport.ch?domain=ropelpaso.com
Info on open relay: http://www.amset.info/exchange/smtp-openrelay.asp

Simon.
0
 

Author Comment

by:cbecker79934
ID: 19578697
Fixed the open relay issue.
Do not have a firewall in front of the server, and have verified that TLS is Not enabled.

Just got a couple of emails from one here is what the system admin said   "the problem was with a relay from one of Microsoft's mail servers to yours.  I have it set up for direct delivery now."

How can I check  /  control this?
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19578715
For inbound email there is nothing that you can do. You don't have any control over the flow that messages take getting to your server until they arrive on your server.

Simon.
0
 

Author Comment

by:cbecker79934
ID: 19578736
So what is this guy talking about, when he says the problem was with a relay from one of MS's mail servers to ours?

0
 
LVL 104

Expert Comment

by:Sembee
ID: 19578763
No idea what so ever.

Microsoft servers? Does he mean servers on microsoft.com or IIS/Exchange servers (perhaps they are a mixed shop with some MS and some *nix servers).

Simon.
0
 

Author Comment

by:cbecker79934
ID: 19579049
> The original message was received at Wed, 25 Jul 2007 15:29:04 -0600 (MDT)
> from [66.85.0.150]
>
>   ----- The following addresses had permanent fatal errors -----
> <jpayne@riveroaksproperties.com>
>    (reason: 403 4.7.0 TLS handshake failed.)
>
>   ----- Transcript of session follows -----
> <jpayne@riveroaksproperties.com>... Deferred
> Message could not be delivered for 1 day
> Message will be deleted from queue

Another return receipt.  
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19579072
That one has mentioned TLS again.
You do know where to check for TLS support? On the SMTP virtual server under authentication.

Simon.
0
 

Author Comment

by:cbecker79934
ID: 19579127
OK looks like i've got it.  TLS was never enabled but a certificate was installed on the SMTP virtual server.  After removing that cert.  everything seems to be flowing.  

I will update this tomorrow and close it if that is the apparent solution.

Thanks for all your help, I'm headed to the local wig shop after pulling out all my hair!

0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 21978654
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question