Sporadic Emails disappearing. Exchange 2003

Exchange 2003
Windows Server 03

Heres an odd one, I think its a sporadic DNS issue but maybe not. They are complaning that people are sending them messages and they never receive them.

I email a client, they never recieve the message. I email them again and they receive it.

I check their Exchange logs and sure enough the 1st message is nowhere to be found.

I check out my logs and it looks like it went through, however, its missing the server domain name. You can see it on the last line of the logs. Check it out.

heres the one that did not go through


and here is the one that did


Any ideas what could cause that problem?
Who is Participating?
That could be tarpitting or something like that. It isn't the Exchange way of doing it, as Exchange responds immediately and the tarpit is later in the sequence. Therefore it could be a third party tool that is causing the problem.

Either something is causing your connection to be disrupted initially and then allowed through or something is happening at the other end.

Most odd.

Message tracking only shows what the server that is receiving the message has in its banner. Therefore if the banner is blank or something like "220              " then message tracking will not show anything.
You can see that in the second screenshot because it has a .local address - which isn't valid on the internet.

If I had seen that message tracking log then I would say the message has been delivered correctly, it is the other side that has the problem.
You can look at their MX records using the online tools and see if they have additional servers in the MX records. That may show that they have an invalid server, or a server at an ISP which is losing the email.

BiziteksAuthor Commented:
FAIL Missing (stealth) nameservers FAIL: You have one or more missing (stealth) nameservers. The following nameserver(s) are listed (at your nameservers) as nameservers for your domain, but are not listed at the parent nameservers (therefore, they may or may not get used, depending on whether your DNS servers return them in the authority section for other requests, per RFC2181 5.4.1). You need to make sure that these stealth nameservers are working; if they are not responding, you may have serious problems! The DNSreport will not query these servers, so you need to be very careful that they are working properly.

This is listed as an ERROR because there are some cases where nasty problems can occur (if the TTLs vary from the NS records at the root servers and the NS records point to your own domain, for example).  

FAIL Missing nameservers 2 ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers. The problem NS records are:
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

BiziteksAuthor Commented:
These are the two errors I get back from DNSReport, nothing life changing there. Problem is still continuing today. I checked out there MX records and they all come out fine as well.

Domain Type Class TTL Answer
hmscpa.com. NS IN 3600 ns1.ipowerweb.net.
hmscpa.com. MX IN 3600 mail.hmscpa.com. [Preference = 10]
hmscpa.com. NS IN 3600 ns2.ipowerweb.net.
hmscpa.com. SOA IN 3600 Primary DNS server: ns1.ipowerweb.net.
Responsible Name: hostmaster@ipowerweb.net.
Serial: 2003021702
Refresh: 80000 (22h 13m 20s)
Retry: 3600 (1h)
Expire: 604800 (1w)
Minimum/NegTTL: 86400 (1d)
hmscpa.com. A IN 3600
mail.hmscpa.com. A IN 3600
ns1.ipowerweb.net. A IN 3600
ns2.ipowerweb.net. A IN 3600
Name server errors are out of your hands.
When it comes to email you are only interested in the mail server section of dnsreport.com - nothing more.

Can you telnet to the site that has the problems on port 25?
If you can, do you see a banner, or does the cursor just sit there?

BiziteksAuthor Commented:
Hmmm I telnetting to it once, it just sat there with a blinkin cursor for about 30 seconds.

Then I tried it again immedialty after and it prompted me with the 220 SMTP message.

220 hms-server.HMS.local Microsoft ESMTP MAIL Service, Version: 6.0.3790.211 re
dy at  Thu, 4 Oct 2007 08:50:59 -0400
BiziteksAuthor Commented:
I restarted the server and it seems to have rectified the problem. Weird
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.