mrchatila

Mail flow problem in receiving?

Dear Sir,

I have an Exchange 2007 SP1 server up and running without any problem, but I have noticed that some users didn't receive some emails:
I tracked the sender email address and I found out that the message is received only, but not delivered to the recipient email address inside my organization:
There is no other Event ID like "FAIL" or "BADMAIL"

These are the details:

Timestamp: 2008/04/11 05:32:56
Event ID: RECEIVE
Source: SMTP
08CA6932AB590841;2008-04-11T02:32:42.234Z;0
<3D4D84C1A9151548B8DD598E22B571707F460B@sbser01.triwin.com.tw>
Subject: RE: AWW's May Issue: Last Call  - RESEND
Sender: trade05@triwin.com.tw
Recipients: marketing@awwmag.com
2344197
Client IP: 192.168.10.250  [Fortigate Hardware Firewall]
Server IP: 192.168.10.21 [My Exchange]
Server Hostname: exchange
Connector ID: EXCHANGE\Default EXCHANGE
Total bytes: 24516
ReturnPath: trade05@triwin.com.tw
00A:

Why did this happen?
If GFI stops the email, I will notice an Event ID: FAIL in the message tracking.
Please, any help?

Thank you in advance.
consultkhan

Hi,
A quick resolution technique is to check that the user has a valid SMTP address and that the address is "published" when sending emails from that account.
Thanks.
mrchatila

ASKER

Could you explain more, please?
He has a valid IP, but I have noticed that the domain @triwin.com.tw IP:59.125.23.68 is blacklisted...
How can I ensure that in my Exchange?

Thank you
How can I ensure that the user has a valid SMTP address and that the address is published when sending emails from his account?

Thank you again?
IP:59.125.23.68 is blacklisted...

IF YOUR IP is blacklisted, sure, you won't be able to receive messages from the internet over that domain.
You need to clear the IP from the blacklist first.
DO YOU have any anti-spam solution implemented?
Are you using an open relay on SMTP?
Check and let me know.
Thanks.
I have GFI Mail Essentials v12 implemented and the built-in anti-spam agent of Exchange 2007.

No, I am not using SMTP relay; my Exchange is not an open RELAY.
MY IP is not blacklisted... sure not.
Are all users on this domain triwin.com.tw not able to receive?

Is the domain triwin.com.tw added to the "accepted domains" list in Exchange 2007?
Please verify.
Thanks.
Sir, my exchange is not triwin.com.tw, this is not my domain, it's the sender's domain....
The sender is @triwin.com.tw
Domain is not blacklisted:
http://www.anti-abuse.org/checkrbl.php?host=triwin.com.tw
Did you check the spam folder?
So what's the problem?
It's listed on mxtoolbox.com. Why does triwin.com.tw resolve to IP 59.125.23.68 on mxtoolbox.com?

PeakPeak: why did I face this problem?
I tracked the sender email @triwin.com.tw and I found out:
The message is received only, but not delivered to the recipient email address inside my organization:
There is no other Event ID like "FAIL" or "BADMAIL"
These are the details:

Timestamp: 2008/04/11 05:32:56
Event ID: RECEIVE
Source: SMTP
08CA6932AB590841;2008-04-11T02:32:42.234Z;0
<3D4D84C1A9151548B8DD598E22B571707F460B@sbser01.triwin.com.tw>
Subject: RE: AWW's May Issue: Last Call  - RESEND
Sender: trade05@triwin.com.tw
Recipients: marketing@awwmag.com
2344197
Client IP: 192.168.10.250  [Fortigate Hardware Firewall]
Server IP: 192.168.10.21 [My Exchange]
Server Hostname: exchange
Connector ID: EXCHANGE\Default EXCHANGE
Total bytes: 24516
ReturnPath: trade05@triwin.com.tw
00A:

Why did this happen?
If GFI stops the email, I will notice an Event ID: FAIL in the message tracking.
Please, any help?
Workaround:
STOP GFI temporarily and see if the message gets delivered. Because once the message has arrived at the Exchange level, Exchange verifies for a valid SMTP available to be delivered to that user. I believe that before Exchange could start this process, "something" is rejecting the message directly.
NO BLAME ON GFI, but let's isolate the issue!
Hello Consultkhan,
Thanks for your reply...

Now I received the message from the sender @triwin.com.tw without stopping GFI. WEIRD!!!
What is the problem: Exchange receives the message but does not deliver it to the recipient?

Any idea, why this happened?

Thank you
All right, track the message using the sender's email address and let me know.

IT could be any one of the following:
1. It reached the Exchange server but was not delivered to the recipient's INBOX.
4. It reached the recipient's mailbox but does not appear in OUTLOOK.

Also do the following:
1. Disable all processing of rules in his Outlook momentarily.

Update your findings.
I tracked the message using the sender email address:
Sender is: trade05@triwin.com.tw
Here are the details in the message tracking:

Timestamp: 2008/04/11 05:32:56
Event ID: RECEIVE
Source: SMTP
08CA6932AB590841;2008-04-11T02:32:42.234Z;0
<3D4D84C1A9151548B8DD598E22B571707F460B@sbser01.triwin.com.tw>
Subject: RE: AWW's May Issue: Last Call  - RESEND
Sender: trade05@triwin.com.tw
Recipients: marketing@awwmag.com
2344197
Client IP: 192.168.10.250  [Fortigate Hardware Firewall]
Server IP: 192.168.10.21 [My Exchange Server]
Server Hostname: exchange
Connector ID: EXCHANGE\Default EXCHANGE
Total bytes: 24516
ReturnPath: trade05@triwin.com.tw
00A:

It reached Exchange server but was not delivered to the recipient's INBOX...
There is no EVENT ID in the message tracking [DELIVER / STOREDRIVER] only "RECEIVE"

Please any help?
"Receive" actually means it's been received by Exchange through the connector. BUT you should also find a "queued for local delivery" or "delivered to store" message in the tracking log.

Go to the Exchange Management Shell and run
Get-MailboxServer SERVERNAME | fl *messagetracking*
COPY THE log from the location Program Files\Microsoft\Exchange Server\TransportRoles\Logs\MessageTracking.
Also set the maximum logging size to keep the logs for max size
Set-TransportServer E2K7 -MessageTrackingLogMaxDirectorySize 500MB (or select any value)

SEE this article for assistance
http://www.msexchange.org/tutorials/Exchange-2007-Message-Tracking-Part2.html
Thanks.

I already made this change to the message tracking a long time ago:
Here are the details:

MessageTrackingLogEnabled               : True
MessageTrackingLogMaxAge                : 33.00:00:00
MessageTrackingLogMaxDirectorySize      : 500MB
MessageTrackingLogMaxFileSize           : 10MB
MessageTrackingLogPath                  : D:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\MessageTracking
MessageTrackingLogSubjectLoggingEnabled : True

Then what should I DO?
Post the tracking log from the same location (full).
Thanks.
Which log? There are many log files inside the folder. Which day?
Thanks

Here are the log files for 11/04/2008 and 15/04/2008

Thanks,
MSGTRKM20080410-1.LOG
MSGTRKM20080414-1.LOG
Sorry, maybe I attached the log of another day!!!
?
Hello Again,
Here are the correct log files attached
MSGTRK20080409-1.LOG
Here is the second log file attached

MSGTRK20080411-1.LOG
OK, give me some time. I am digging through the logs.
Thanks.
ASKER CERTIFIED SOLUTION
consultkhan

This solution is only available to members.
I MUST TAKE FULL MUG COFFEE FOLLOWED BY DOUBLE CHOCOLATE DONUT!
Welcome MAN, DONUTS... Cheers!
Thank you.

The problem is in GFI Mail Essentials, but the weird problem is that I have read their KBASE:
IF one or more GFI MailEssentials anti-spam actions are configured to "Move to the specified folder" (on the hard disk).
But in my case I don't have any actions to move the message to the HARD DISK.

Anyway, thank you very much...
Just to clarify: "Move to the specified folder" in GFI refers to folders inside the user's mailbox - not a folder on the HDD. If GFI tries to process something destined for a folder - for instance the keyword filter is set to put messages in the Inbox/SPAM/Keyword folder - AND fails (in the case of a distribution group, which has no mailbox and therefore no folders) then the message will be lost. Basically any email sent to an email group that triggers a filter that is set to move to a folder will fail.
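
The symptom discussed in this thread, a RECEIVE event with no later DELIVER or FAIL for the same message, can be searched for offline across copied message tracking log files. The Python below is an added example, not part of the original thread; the sample log lines are constructed with a reduced column set, and treating DELIVER, SEND, FAIL and BADMAIL as the terminal events is an assumption.

```python
import csv
import io
from collections import defaultdict

# Assumption: events after which a message's fate is known. Anything else
# (RECEIVE alone, for instance) means the message vanished without a record.
TERMINAL = {"DELIVER", "SEND", "FAIL", "BADMAIL"}

# Constructed sample, not taken from the thread's attachments. The column set
# is reduced; the parser reads column names from the "#Fields:" header line.
SAMPLE_LOG = """\
#Software: Microsoft Exchange Server
#Fields: date-time,source,event-id,message-id,recipient-address,sender-address
2008-04-11T02:32:42.234Z,SMTP,RECEIVE,<msg-a@sender.example>,group@corp.example,a@sender.example
2008-04-11T02:33:10.000Z,SMTP,RECEIVE,<msg-b@sender.example>,bob@corp.example,b@sender.example
2008-04-11T02:33:11.500Z,STOREDRIVER,DELIVER,<msg-b@sender.example>,bob@corp.example,b@sender.example
"""

def parse_tracking_log(stream):
    """Yield one dict per event row, keyed by the names in the #Fields header."""
    fields = None
    for line in stream:
        line = line.rstrip("\r\n")
        if line.startswith("#Fields:"):
            fields = [f.strip() for f in line[len("#Fields:"):].split(",")]
        elif line and not line.startswith("#") and fields:
            values = next(csv.reader([line]))  # copes with quoted, comma-bearing subjects
            yield dict(zip(fields, values))

def find_undelivered(streams):
    """Return {message-id: sender} for messages with RECEIVE but no terminal event."""
    events = defaultdict(set)
    senders = {}
    for stream in streams:  # pass every log file in the window: events can span files
        for row in parse_tracking_log(stream):
            mid = row["message-id"]
            events[mid].add(row["event-id"].upper())
            senders.setdefault(mid, row["sender-address"])
    # Message-level check only: one delivered recipient marks the message as resolved.
    return {mid: senders[mid] for mid, seen in events.items()
            if "RECEIVE" in seen and not seen & TERMINAL}

if __name__ == "__main__":
    for mid, sender in find_undelivered([io.StringIO(SAMPLE_LOG)]).items():
        print(f"received but never delivered or failed: {mid} from {sender}")
```

To run it against real logs, pass open file objects for each MSGTRK*.LOG file covering the period instead of the embedded sample.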