Link to home
Get AccessLog in
Avatar of scott2000666
scott2000666

asked on

email problems

I have been running this server for over a year with no problems. All of a sudden, mail to certain domains is not being delivered, is being rejected as spam, incoming mail is not coming through...with no NDRs going to the sender, etc. I am subscribed to "BlacklistedIP" which sends me notices everyday of any blacklists my domain is on...so far, it hasn't shown me as on any. As an example, I am trying to send to someone at bellsouth.net...they do not receive the email and I do not receive an NDR. I have spoken with AT&T and we are not on their blocklist. It also seems that somtimes people are unable to email us...and sometimes they get no NDR on their side. What are the actions I need to take to determine what is happening to my email?
ASKER CERTIFIED SOLUTION
Avatar of BBRazz
BBRazz
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This content is only available to members.
To access this content, you must be a member of Experts Exchange.
Get Access
Avatar of scott2000666
scott2000666

ASKER

dns and mx are fine. yes, running smtp. where is Check Reverse Path?

dnsstuff.com spam tool came up negative...not listed anywhere...

internal dns should be fine. like i said, this just started happening recently. nothing has changed...
Default SMTP Virtual Server Properties > Delivery Advanced,

Press configure under DNS and make sure there are NO entries in this section, secondaly ensure that Perform Reverde DNS Lookup on incoming messages is unticked.
nothing was listed in there...and that checkbox was unchecked already.

I ran email tests at dnsstuff.com and everything looks fine.

one person having trouble emailing us this morning just sent me a few successful test emails. the problem seems inconsistent...
Have you checked the SMTP logs to see if there is any handshake happening?
where is this? I assume i need to enable logging on the default smtp virtual server?
Correct, in the Default SMTP Server Properties, enable logging and and click advanced and tick everything.

The logs will be kept in c:\windows\system 32\logfiles\smtpsvc1\
do I need to restart the virt server after enabling?
Only if it told you it had to restart for the changes to take effect.
this is what was in the log for an email I tried to send to a bellsouth.net address:

2008-07-25 18:48:05 207.115.11.16 OutboundConnectionResponse SMTPSVC1 CKN1PMX01 - 25 - - 250-isp.att.net 0 0 15 0 3610 SMTP - - - -
2008-07-25 18:48:05 207.115.11.16 OutboundConnectionCommand SMTPSVC1 CKN1PMX01 - 25 MAIL - FROM:<sburrell@123nmc.com>+SIZE=10451 0 0 4 0 3610 SMTP - - - -
2008-07-25 18:48:06 207.115.11.16 OutboundConnectionResponse SMTPSVC1 CKN1PMX01 - 25 - - 250+ok 0 0 6 0 3891 SMTP - - - -
2008-07-25 18:48:06 207.115.11.16 OutboundConnectionCommand SMTPSVC1 CKN1PMX01 - 25 RCPT - TO:<rsbbren@bellsouth.net> 0 0 4 0 3891 SMTP - - - -
2008-07-25 18:48:06 207.115.11.16 OutboundConnectionResponse SMTPSVC1 CKN1PMX01 - 25 - - 250+ok 0 0 6 0 4141 SMTP - - - -
2008-07-25 18:48:06 207.115.11.16 OutboundConnectionCommand SMTPSVC1 CKN1PMX01 - 25 DATA - - 0 0 4 0 4141 SMTP - - - -
2008-07-25 18:48:06 207.115.11.16 OutboundConnectionResponse SMTPSVC1 CKN1PMX01 - 25 - - 354+ok 0 0 6 0 4407 SMTP - - - -
If there is no more to the log, then that email says it sent successfully.

If you leave logging on for about 10 mins and try flush the queues and post the log to find any errors?

-BBRazz
Did this...re-sent mail...everything looks fine in the log. I don't understand it...I even went over to the person's house and checked their email/JunkMail settings and there is nothing to indicate that my mail is being refused or blocked on thier end...however, it is simply not showing up.
Are you using a smart host or routing email via DNS?
DNS
so, does the clean log report mean that the email has left my network successfully? or does it mean that it's left Exchange successfully, but not necessairly gone outside of the firewall yet?

Note: I have tarpitting turned on because I have relaying allowed..because I require emails to be submitted from my sql server...not sure why this would affect outgoing mail to legitimate recipients. It's been configured this way for atleast 6 months...and my problem has only been going on for a month or so.
also note: if the person sends me an email first, i can successfully reply to it...but i cdan send a new email to them.