Solved

Emails from one customer not being recieved or sent

Posted on 2008-06-18
24
610 Views
Last Modified: 2012-06-27
Hi,
We have Intermittent problems sending and receiving email from one of our customers, sometimes email we send them they do not receive and sometimes email they send us we do not receive. However we have no other email problems such as this with any other customers.

It doesnt appear to be one particular recipient with our customers thats haveing problems, its any email recipient with that particular domain.

Anybody have any suggestions on how I could find out what could be causing the problem?, the customer thinks its not there problem and its a problem our end, but we think it could be a problem their end, either way id like to try to establish what could be causing the problem or at least prove its not a problem with our systems.

We use Outlook 2003 and SBS 2003. So far ive done the following:
I cheked our spam email system to see if any email has been blocked here instead but cant find any.  
Checked to see if we or our customers are on any blacklists - neither of us are
ive used telnet to send a test email to our supplies email address and all seems ok - they recieved the email fine and i also got them to send me a test email using telent and i it seems to be fine - i recieved the email.

Also I used message tracking on the SBS 2003 server and looked to see if messages are passing through our emails server - All the emails from our supplier seem to reach our exchange server fine and messages are delivered to our email recipients inbox fine.

The sender (our supplier) has found an NDR email when they tried to email us which suggests they may have had NDR's before but just deleted them.

They emailed me the NDR and it says "Some or all of the recipient did not receive the message you submit" The recipient can not be served on the following:

WOO5UK-Bob Hedges (E-mail) at 4:41 pm 2008/5/28
             You do not have permission to send the recipient. For assistance, please contact the system administrator


From: administrator
Write to: WOO5UK-Bob Hedges (E-mail)
Sent Date: May 28, 2008 Wednesday, 4:41 pm
Subject: spec
Some or all of the recipient did not receive the message you submit.

       Subject: spec
       Send date: 4:36 pm 2008/5/28

This suggets some kind of permissions set up on their server are causing the problems.

any suggestions?, is this likely to be a problem their end?

Kevin
0
Comment
Question by:kevin1983
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 15
  • 9
24 Comments
 
LVL 19

Expert Comment

by:bevhost
ID: 21811794
It could be that your PTR records aren't setup quite right.
The PTR record should have a matching A record that points back to the same IP address and this should match the EHLO name or FQDN of the exchange server.

If you have multiple mail servers NAT behind one firewall create multiple PTR records for the same IP.

Many exchange servers announce themselves as servername.mydomain.local which cannot be found in the DNS.

To check this in your exchange go into Exchange System Manager
Expand Servers->SERVERNAME->Protocols->SMTP->Default
Right Click then Properties
Delivery TAB
Advanced Button
change the fully qualified domain name to match your DNS entries.

See section 2.1 or RFC1912.
0
 

Author Comment

by:kevin1983
ID: 21812723
Hello thanks for your reply,

Ok ive checked our fully qualified domain name and the entry is correct, i also clicked on the check DNS button here and it said: "The domain name is valid" do you think our suppliers need to check this on their exchange server incase there FQDN is incorrect?. we only have the one email server (using SBS 2003)

Please can you clarify what you meant by See section 2.1 or RFC1912? do you mean in a help file somewhere?

Anyone have any other suggestions?
0
 
LVL 19

Expert Comment

by:bevhost
ID: 21818249
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:kevin1983
ID: 21844470
Hm ok ive looked through that document but not so sure what else we could do to resolve the problem, in your view do you think its most likely a problem our end on our email server? or is the problem more likely to be on our customers email server?.

Any suggestions on other key settings i could check on our email server?

0
 
LVL 19

Expert Comment

by:bevhost
ID: 21853110
The from address of the administrator sending the bounce back to you,  Is that an address at your end or the other end?

Can you tell us the public IP address of your server(s)?

Is there more than one MX record at each end?  Perhaps if the primary server is busy, it goes to the secondary which in turn causes the problem.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 21853128
On my Exchange Server sites I have installed a free SMTP server from http://www.hmailserver.com and I route all incoming and outgoing email through it.  hmailserver is easy to use, runs on windows and has very good logging of all SMTP conversations and this can make it much easier to determine where problems lie.
0
 

Author Comment

by:kevin1983
ID: 21853274
Hi,
The from address administrator bounce back email is coming from our supplier not us, we have never seen any bounce back emails our end, our suppliers public IP adress is: 211.22.85.126 and our public ip address is 212.169.35.122, there should only be one MX record our end - is there a test i could do to confirm this? im not sure about their end. Ill could ask them

Ill have a look at that hmailserver website, although id rather avoid re-routing email unless need be.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 21853398
126.85.22.211.in-addr.arpa domain name pointer mail.shummi.com.tw.
mail.shummi.com.tw has address 211.22.85.126
122.35.169.212.in-addr.arpa domain name pointer mail.wisdom.ltd.uk
mail.wisdom.ltd.uk has address 212.169.35.122
That's all good.

Trying 211.22.85.126...
Connected to mail.shummi.com.tw.
Escape character is '^]'.
220 smtp.shummi.com.tw Symantec Mail Security Tue, 24 Jun 2008 16:28:14 +0800

Trying 212.169.35.122...
Connected to mail.wisdom.ltd.uk.
Escape character is '^]'.
220 emailsecurity.wisdomltd.local ESMTP SonicWALL (6.1.0.9599)

.local is not resolvable in the Global DNS.  This should be fixed.
It may or may not be the cause of the problem.
Both ends actually have this problem.
Blocking of invalid HELO names is not as common as invalid PTR blocking

Host smtp.shummi.com.tw not found: 3(NXDOMAIN)
Host emailsecurity.wisdomltd.local not found: 3(NXDOMAIN)


shummi.com.tw mail is handled by 10 mail.shummi.com.tw.
wisdom.ltd.uk mail is handled by 20 mail2.wisdom.ltd.uk.
wisdom.ltd.uk mail is handled by 10 mail.wisdom.ltd.uk.
mail2.wisdom.ltd.uk has address 80.87.128.93

Trying 80.87.128.93...
Connected to mail2.wisdom.ltd.uk.
Escape character is '^]'.
220 Positive Mail Service (0.1)





0
 

Author Comment

by:kevin1983
ID: 21853495
Thanks for your reply,
Ok so .local is not resolvable in the Global DNS both ends, how would we resolve this?
so the above would be blocking invalid hello names?

Our domain name: wisdom.ltd.uk does appear to have 2 MX records which are:
10 mail.wisdom.ltd.uk and 20 mail2.wisdom.ltd.uk as shown in the data you collected, could this be causing an issue? Does the rest of that data look ok to you?, any suspicions on where the problem may be?
0
 
LVL 19

Expert Comment

by:bevhost
ID: 21853514
93.128.87.80.in-addr.arpa domain name pointer bludger.positive-internet.com.

I did some SMTP tests on mail2.wisdom.ltd.uk (80.87.128.93) which is really bludger.positive-internet.com.

When a server tries to send mail to it with and invalid hostname such as smtp.shummi.com.tw it responds with
450 4.7.1 Client host rejected: cannot find your hostname, [IPADDRESS]


450 is a temporary error, so the sending server should try again.
0
 
LVL 19

Accepted Solution

by:
bevhost earned 500 total points
ID: 21853565
Change the invalid names to match the DNS names ie

change emailsecurity.wisdomltd.local to mail.wisdom.ltd.uk in the sonicwall.
change smtp.shummi.com.tw to be mail.shummi.com.tw in the symantec security appliance
0
 

Author Comment

by:kevin1983
ID: 21853569
Hm ok does that mean emails could be passing through mail2.wisdom.ltd.uk instead of mail.wisdom.ltd.uk?

ive looked on our email server and our smart host is: emailsecurity.wisdomltd.local - this is our spam hardware box (which is a sonicwall email security 300) ive checked on the sonicwall email security and the monitoring page for the backup SMTP servers its set to: mail2.wisdom.ltd.uk so unless this could be somthing to do with the problem?

 
0
 
LVL 19

Expert Comment

by:bevhost
ID: 21853573
if the sonicwall and/or the symantec firewalls pass through the name from the inside,
you may need to change a setting in exchange or whatever.

To check this in your exchange go into Exchange System Manager
Expand Servers->SERVERNAME->Protocols->SMTP->Default
Right Click then Properties
Delivery TAB
Advanced Button
change the fully qualified domain name to match your DNS entries.
0
 

Author Comment

by:kevin1983
ID: 21853627
Currently the hostname our the email security 300 is: emailsecurity.wisdomltd.local
ive looked on our email server and our smart host is: emailsecurity.wisdomltd.local and the FQ Domain Name is: wisdom.ltd.uk

Theres a Host A record in DNS under foward lookup zones within wisdom.ltd.local thats points to the private IP address of our sonicwall email security 300 with the FQDN: emailsecurity.wisdomltd.local

So you think i should change the sonicwall hostname to: mail.wisdom.ltd.uk and change the FQDN on our email sever to mail.wisdom.ltd.uk and ammend the A record in DNS also.

Please can you confirm this is what you mean?
0
 
LVL 19

Expert Comment

by:bevhost
ID: 21853663
Just change the hostname of the email security 300 from emailsecurity.wisdomltd.local to mail.wisdom.ltd.uk
Don't change your internal DNS settings.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 21853668
Your external DNS settings are already correct and your internal ones don't matter.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 21853670
The FQDN on the internal server doesn't matter unless it is exposed to the outside.
0
 

Author Comment

by:kevin1983
ID: 21853714
Ok so if i change the hostname of the email security 300 from emailsecurity.wisdomltd.local to mail.wisdom.ltd.uk do i also  then need to change the smarthost on our server from: emailsecurity.wisdomltd.local to mail.wisdom.ltd.uk? or can this be left as it is?

and leave everthing else as the same?


0
 
LVL 19

Expert Comment

by:bevhost
ID: 21853728
You can leave the smarthost setting as it is, or you can just put in the IP address of the internal address on the email security appliance.  No strict checking will take place on your internal connections.

So only change the host name of the security appliance.
ie the hostname is equal to the outside interface.
the internal interface(s) could be anything you like.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 21853873
That looks better now.  all the names match....

Trying 212.169.35.122...
Connected to mail.wisdom.ltd.uk.
Escape character is '^]'.
220 mail.wisdom.ltd.uk ESMTP SonicWALL (6.1.0.9599)
0
 
LVL 19

Expert Comment

by:bevhost
ID: 21853903
Now all you have to do is get the other end fixed so that it doesn't get bounced by your secondary
0
 

Author Comment

by:kevin1983
ID: 21853952
i was just about to say ive changed the host name of the sonicwall email security appliance, and does that look better on tests now but you just beat me to it :-)

so the. local is not resolvable in the Global DNS should not be an issue our end now but still is the other end?, ok so i should advise our suppliers to fix there end by them changing there symantec security appliances host name? (if thats what they have anyway) as i dont know there setup.



 
0
 
LVL 19

Expert Comment

by:bevhost
ID: 21860402
Host smtp.shummi.com.tw not found: 3(NXDOMAIN)
change smtp.shummi.com.tw to be mail.shummi.com.tw in the symantec security appliance
OR
change all the DNS entries from mail.shummi.com.tw to smtp.shummi.com.tw.
I'd say it's much easier for them to change the hostname of their firewall device.

You can check that it's done by ....
c:\> telnet mail.shummi.com.tw 25


0
 

Author Closing Comment

by:kevin1983
ID: 31468269
Ok great!, many thanks for all your time/help on this, ive contacted shummi so hopefully they will fix their end soon and this issue will be resolved.
Kevin
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

631 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question