Solved

Emails from one customer not being recieved or sent

Posted on 2008-06-18
24
588 Views
Last Modified: 2012-06-27
Hi,
We have Intermittent problems sending and receiving email from one of our customers, sometimes email we send them they do not receive and sometimes email they send us we do not receive. However we have no other email problems such as this with any other customers.

It doesnt appear to be one particular recipient with our customers thats haveing problems, its any email recipient with that particular domain.

Anybody have any suggestions on how I could find out what could be causing the problem?, the customer thinks its not there problem and its a problem our end, but we think it could be a problem their end, either way id like to try to establish what could be causing the problem or at least prove its not a problem with our systems.

We use Outlook 2003 and SBS 2003. So far ive done the following:
I cheked our spam email system to see if any email has been blocked here instead but cant find any.  
Checked to see if we or our customers are on any blacklists - neither of us are
ive used telnet to send a test email to our supplies email address and all seems ok - they recieved the email fine and i also got them to send me a test email using telent and i it seems to be fine - i recieved the email.

Also I used message tracking on the SBS 2003 server and looked to see if messages are passing through our emails server - All the emails from our supplier seem to reach our exchange server fine and messages are delivered to our email recipients inbox fine.

The sender (our supplier) has found an NDR email when they tried to email us which suggests they may have had NDR's before but just deleted them.

They emailed me the NDR and it says "Some or all of the recipient did not receive the message you submit" The recipient can not be served on the following:

WOO5UK-Bob Hedges (E-mail) at 4:41 pm 2008/5/28
             You do not have permission to send the recipient. For assistance, please contact the system administrator


From: administrator
Write to: WOO5UK-Bob Hedges (E-mail)
Sent Date: May 28, 2008 Wednesday, 4:41 pm
Subject: spec
Some or all of the recipient did not receive the message you submit.

       Subject: spec
       Send date: 4:36 pm 2008/5/28

This suggets some kind of permissions set up on their server are causing the problems.

any suggestions?, is this likely to be a problem their end?

Kevin
0
Comment
Question by:kevin1983
  • 15
  • 9
24 Comments
 
LVL 19

Expert Comment

by:bevhost
Comment Utility
It could be that your PTR records aren't setup quite right.
The PTR record should have a matching A record that points back to the same IP address and this should match the EHLO name or FQDN of the exchange server.

If you have multiple mail servers NAT behind one firewall create multiple PTR records for the same IP.

Many exchange servers announce themselves as servername.mydomain.local which cannot be found in the DNS.

To check this in your exchange go into Exchange System Manager
Expand Servers->SERVERNAME->Protocols->SMTP->Default
Right Click then Properties
Delivery TAB
Advanced Button
change the fully qualified domain name to match your DNS entries.

See section 2.1 or RFC1912.
0
 

Author Comment

by:kevin1983
Comment Utility
Hello thanks for your reply,

Ok ive checked our fully qualified domain name and the entry is correct, i also clicked on the check DNS button here and it said: "The domain name is valid" do you think our suppliers need to check this on their exchange server incase there FQDN is incorrect?. we only have the one email server (using SBS 2003)

Please can you clarify what you meant by See section 2.1 or RFC1912? do you mean in a help file somewhere?

Anyone have any other suggestions?
0
 
LVL 19

Expert Comment

by:bevhost
Comment Utility
0
 

Author Comment

by:kevin1983
Comment Utility
Hm ok ive looked through that document but not so sure what else we could do to resolve the problem, in your view do you think its most likely a problem our end on our email server? or is the problem more likely to be on our customers email server?.

Any suggestions on other key settings i could check on our email server?

0
 
LVL 19

Expert Comment

by:bevhost
Comment Utility
The from address of the administrator sending the bounce back to you,  Is that an address at your end or the other end?

Can you tell us the public IP address of your server(s)?

Is there more than one MX record at each end?  Perhaps if the primary server is busy, it goes to the secondary which in turn causes the problem.
0
 
LVL 19

Expert Comment

by:bevhost
Comment Utility
On my Exchange Server sites I have installed a free SMTP server from http://www.hmailserver.com and I route all incoming and outgoing email through it.  hmailserver is easy to use, runs on windows and has very good logging of all SMTP conversations and this can make it much easier to determine where problems lie.
0
 

Author Comment

by:kevin1983
Comment Utility
Hi,
The from address administrator bounce back email is coming from our supplier not us, we have never seen any bounce back emails our end, our suppliers public IP adress is: 211.22.85.126 and our public ip address is 212.169.35.122, there should only be one MX record our end - is there a test i could do to confirm this? im not sure about their end. Ill could ask them

Ill have a look at that hmailserver website, although id rather avoid re-routing email unless need be.
0
 
LVL 19

Expert Comment

by:bevhost
Comment Utility
126.85.22.211.in-addr.arpa domain name pointer mail.shummi.com.tw.
mail.shummi.com.tw has address 211.22.85.126
122.35.169.212.in-addr.arpa domain name pointer mail.wisdom.ltd.uk
mail.wisdom.ltd.uk has address 212.169.35.122
That's all good.

Trying 211.22.85.126...
Connected to mail.shummi.com.tw.
Escape character is '^]'.
220 smtp.shummi.com.tw Symantec Mail Security Tue, 24 Jun 2008 16:28:14 +0800

Trying 212.169.35.122...
Connected to mail.wisdom.ltd.uk.
Escape character is '^]'.
220 emailsecurity.wisdomltd.local ESMTP SonicWALL (6.1.0.9599)

.local is not resolvable in the Global DNS.  This should be fixed.
It may or may not be the cause of the problem.
Both ends actually have this problem.
Blocking of invalid HELO names is not as common as invalid PTR blocking

Host smtp.shummi.com.tw not found: 3(NXDOMAIN)
Host emailsecurity.wisdomltd.local not found: 3(NXDOMAIN)


shummi.com.tw mail is handled by 10 mail.shummi.com.tw.
wisdom.ltd.uk mail is handled by 20 mail2.wisdom.ltd.uk.
wisdom.ltd.uk mail is handled by 10 mail.wisdom.ltd.uk.
mail2.wisdom.ltd.uk has address 80.87.128.93

Trying 80.87.128.93...
Connected to mail2.wisdom.ltd.uk.
Escape character is '^]'.
220 Positive Mail Service (0.1)





0
 

Author Comment

by:kevin1983
Comment Utility
Thanks for your reply,
Ok so .local is not resolvable in the Global DNS both ends, how would we resolve this?
so the above would be blocking invalid hello names?

Our domain name: wisdom.ltd.uk does appear to have 2 MX records which are:
10 mail.wisdom.ltd.uk and 20 mail2.wisdom.ltd.uk as shown in the data you collected, could this be causing an issue? Does the rest of that data look ok to you?, any suspicions on where the problem may be?
0
 
LVL 19

Expert Comment

by:bevhost
Comment Utility
93.128.87.80.in-addr.arpa domain name pointer bludger.positive-internet.com.

I did some SMTP tests on mail2.wisdom.ltd.uk (80.87.128.93) which is really bludger.positive-internet.com.

When a server tries to send mail to it with and invalid hostname such as smtp.shummi.com.tw it responds with
450 4.7.1 Client host rejected: cannot find your hostname, [IPADDRESS]


450 is a temporary error, so the sending server should try again.
0
 
LVL 19

Accepted Solution

by:
bevhost earned 500 total points
Comment Utility
Change the invalid names to match the DNS names ie

change emailsecurity.wisdomltd.local to mail.wisdom.ltd.uk in the sonicwall.
change smtp.shummi.com.tw to be mail.shummi.com.tw in the symantec security appliance
0
 

Author Comment

by:kevin1983
Comment Utility
Hm ok does that mean emails could be passing through mail2.wisdom.ltd.uk instead of mail.wisdom.ltd.uk?

ive looked on our email server and our smart host is: emailsecurity.wisdomltd.local - this is our spam hardware box (which is a sonicwall email security 300) ive checked on the sonicwall email security and the monitoring page for the backup SMTP servers its set to: mail2.wisdom.ltd.uk so unless this could be somthing to do with the problem?

 
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 19

Expert Comment

by:bevhost
Comment Utility
if the sonicwall and/or the symantec firewalls pass through the name from the inside,
you may need to change a setting in exchange or whatever.

To check this in your exchange go into Exchange System Manager
Expand Servers->SERVERNAME->Protocols->SMTP->Default
Right Click then Properties
Delivery TAB
Advanced Button
change the fully qualified domain name to match your DNS entries.
0
 

Author Comment

by:kevin1983
Comment Utility
Currently the hostname our the email security 300 is: emailsecurity.wisdomltd.local
ive looked on our email server and our smart host is: emailsecurity.wisdomltd.local and the FQ Domain Name is: wisdom.ltd.uk

Theres a Host A record in DNS under foward lookup zones within wisdom.ltd.local thats points to the private IP address of our sonicwall email security 300 with the FQDN: emailsecurity.wisdomltd.local

So you think i should change the sonicwall hostname to: mail.wisdom.ltd.uk and change the FQDN on our email sever to mail.wisdom.ltd.uk and ammend the A record in DNS also.

Please can you confirm this is what you mean?
0
 
LVL 19

Expert Comment

by:bevhost
Comment Utility
Just change the hostname of the email security 300 from emailsecurity.wisdomltd.local to mail.wisdom.ltd.uk
Don't change your internal DNS settings.
0
 
LVL 19

Expert Comment

by:bevhost
Comment Utility
Your external DNS settings are already correct and your internal ones don't matter.
0
 
LVL 19

Expert Comment

by:bevhost
Comment Utility
The FQDN on the internal server doesn't matter unless it is exposed to the outside.
0
 

Author Comment

by:kevin1983
Comment Utility
Ok so if i change the hostname of the email security 300 from emailsecurity.wisdomltd.local to mail.wisdom.ltd.uk do i also  then need to change the smarthost on our server from: emailsecurity.wisdomltd.local to mail.wisdom.ltd.uk? or can this be left as it is?

and leave everthing else as the same?


0
 
LVL 19

Expert Comment

by:bevhost
Comment Utility
You can leave the smarthost setting as it is, or you can just put in the IP address of the internal address on the email security appliance.  No strict checking will take place on your internal connections.

So only change the host name of the security appliance.
ie the hostname is equal to the outside interface.
the internal interface(s) could be anything you like.
0
 
LVL 19

Expert Comment

by:bevhost
Comment Utility
That looks better now.  all the names match....

Trying 212.169.35.122...
Connected to mail.wisdom.ltd.uk.
Escape character is '^]'.
220 mail.wisdom.ltd.uk ESMTP SonicWALL (6.1.0.9599)
0
 
LVL 19

Expert Comment

by:bevhost
Comment Utility
Now all you have to do is get the other end fixed so that it doesn't get bounced by your secondary
0
 

Author Comment

by:kevin1983
Comment Utility
i was just about to say ive changed the host name of the sonicwall email security appliance, and does that look better on tests now but you just beat me to it :-)

so the. local is not resolvable in the Global DNS should not be an issue our end now but still is the other end?, ok so i should advise our suppliers to fix there end by them changing there symantec security appliances host name? (if thats what they have anyway) as i dont know there setup.



 
0
 
LVL 19

Expert Comment

by:bevhost
Comment Utility
Host smtp.shummi.com.tw not found: 3(NXDOMAIN)
change smtp.shummi.com.tw to be mail.shummi.com.tw in the symantec security appliance
OR
change all the DNS entries from mail.shummi.com.tw to smtp.shummi.com.tw.
I'd say it's much easier for them to change the hostname of their firewall device.

You can check that it's done by ....
c:\> telnet mail.shummi.com.tw 25


0
 

Author Closing Comment

by:kevin1983
Comment Utility
Ok great!, many thanks for all your time/help on this, ive contacted shummi so hopefully they will fix their end soon and this issue will be resolved.
Kevin
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now