User is unable to send email to external domain.

Hi,

User complains that after sending an email she gets bounced email. I've attached a snapshot . Please refer it for details. Our end Exchange 2003 with latest patch installed.
anupam1983Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Andres PeralesCommented:
I do not see an snapshot?
0
anupam1983Author Commented:
Here is the snapshot.
snapshots.bmp
0
gke565Commented:
Your exchange server is set to only allow email relaying from authorized equipment or users.  The sender is using some type of SMTP server to send her email and your server is rejecting.  If the user has a valid need for this then add the server's IP address to your Exchange SMTP allowed relay.  This may be from her scanning something from a copier and using her return address.  All multi-function copiers that you want to allow to email need to be added to the SMTP allowed relay group.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Andres PeralesCommented:
Do an nslookup on that domain name, you will see that omni-industries.com does not exist, but omniindustries.com without the dash does, perhaps your have the wrong email address.
0
anupam1983Author Commented:
When I do NSLOOKUP for omni-industries.com, it resolves and gives Non-Authoritative answer with an IP address.

Also it has Anonymous access allowed (in SMTP VS properties section)
0
Exchange_GeekCommented:
Requesting you to paste the complete NDR rather than a screenshot.

Thanks.
0
anupam1983Author Commented:
Delivery has failed to these recipients or distribution lists:

athena.shi@omni-industries.com<mailto:athena.shi@omni-industries.com>
An error occurred while trying to deliver this message to the recipient's e-mail address. Microsoft Exchange will not try to redeliver this message for you. Please try resending this message, or provide the following diagnostic text to your system administrator.

helen.tian@omni-industries.com<mailto:helen.tian@omni-industries.com>
An error occurred while trying to deliver this message to the recipient's e-mail address. Microsoft Exchange will not try to redeliver this message for you. Please try resending this message, or provide the following diagnostic text to your system administrator.

The following organization rejected your message: [202.157.144.2].

________________________________
Sent by Microsoft Exchange Server 2007






Diagnostic information for administrators:

Generating server: bigfish.com

athena.shi@omni-industries.com
[202.157.144.2] #550 relaying blocked, read new mail, add 216.32.181.16 to forwarding or enable smtp authentication in y ##

helen.tian@omni-industries.com
[202.157.144.2] #550 relaying blocked, read new mail, add 216.32.181.16 to forwarding or enable smtp authentication in y ##

Original message headers:

Received: from mail211-wa4-R.bigfish.com (10.8.14.252) by  WA4EHSOBE006.bigfish.com (10.8.40.26) with Microsoft SMTP Server id  8.1.291.1; Tue, 28 Oct 2008 22:50:35 +0000
Received: from mail211-wa4 (localhost.localdomain [127.0.0.1])  by
 mail211-wa4-R.bigfish.com (Postfix) with ESMTP id C91D318082A2;        Tue, 28 Oct
 2008 22:50:34 +0000 (UTC)
X-BigFish: VS-67(zz9370Paf6W4015M1443R18c1K936fO3117K8c3I8d0R9371Pf4eMzzzz86benz2dh6bh43j61h)
X-Spam-TCS-SCL: 0:0
X-FB-SS: 5,
Received: by mail211-wa4 (MessageSwitch) id 122523422678941_23449; Tue, 28 Oct
 2008 22:50:26 +0000 (UCT)
Received: from frd01exsmtp01.ads.invitrogen.net (unknown [198.140.180.153])     by
 mail211-wa4.bigfish.com (Postfix) with ESMTP id B7D8014F8054;  Tue, 28 Oct
 2008 22:50:25 +0000 (UTC)
Received: from CBD01EXCMBX02.ads.invitrogen.net ([10.34.160.103]) by
 frd01exsmtp01.ads.invitrogen.net with Microsoft SMTPSVC(6.0.3790.1830);         Tue,
 28 Oct 2008 18:49:02 -0400
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-Class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative;
        boundary="----_=_NextPart_001_01C9394F.5EBF2DCC"
Subject: RE: Oct 24 shipping notice
Date: Tue, 28 Oct 2008 15:49:00 -0700
Message-ID: <4938706BEAA558488F1EC4833CC9F1AD032E1159@CBD01EXCMBX02.ads.invitrogen.net>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Oct 24 shipping notice
Thread-Index: AckOEA9lkIj9du/sSJeAolLWFO5uFwAF+1wQABx8D6ABgJ1+EADDEBsgBtzZk0AAdFdJsADiFMvwAAIwCCAADj6sEAAQ/8RAAAAPb7AAAsamQAAFUdwwAAzQXRA=
From: "Drucas, Jeanine" <jeanine.drucas@invitrogen.com>
To: <athena.shi@omni-industries.com>
CC: <helen.tian@omni-industries.com>, "Ayach, Janet"
        <janet.ayach@invitrogen.com>, "Marian Roem (DHL US)" <marian.roem@dhl.com>,
        "Stacey Kwiat (DHL US)" <Stacey.Kwiat@dhl.com>
X-OriginalArrivalTime: 28 Oct 2008 22:49:02.0719 (UTC) FILETIME=[5FADB8F0:01C9394F]
Return-Path: jeanine.drucas@invitrogen.com

0
anupam1983Author Commented:
Hi,

Do you need any other information, then please let me know!

Thanks,
Anupam
0
Exchange_GeekCommented:
This is pretty interesting, when i tried to telnet to omni-industries.com using your domain reference i was allowed to drop an email.

However, it sounds a bit funny when i did a lookup for the ip address of IP ADDRESS 216.32.181.16 using the information below.

[202.157.144.2] #550 relaying blocked, read new mail, add 216.32.181.16 to forwarding or enable smtp authentication in y ##

helen.tian@omni-industries.com
[202.157.144.2] #550 relaying blocked, read new mail, add 216.32.181.16 to forwarding or enable smtp authentication in y ##

Look what i found.

http://www.projecthoneypot.org/ip_216.32.181.16
http://www.phishbucket.org/main/index.php?option=com_content&task=view&id=3583

Question of the Day: Does this IP range belong to your company ????
0
anupam1983Author Commented:
Wow! The first link was understandable to me, which says that 216.32.181.16 is used for spamming/dictionary attacks, correct?

What u did in the 2nd link was not clear to me. So if u can plz gimme some hints.

I am 99% sure this IP doesn't belong to us, since when I did NSLOOKUP I also got the same error (what u've recieved, #550) till yesterday. But today, without knowing anything Glenn, a colleague added OMNI-INDUSTRIES.com to allow sender list, then onwards after doing NSLOOKUP I am getting the following result:

Outbound-wa4.frontbridge.com
216.32.181.16

I've no idea what is cooking behind this scenario..Simply clueless..

Many Thanks,
Anupam
0
Exchange_GeekCommented:
You understood the first link perfectly fine.

I wanted to show you this............in the second link - this is similar to what you posted - right ??

Received: from 216.32.181.16  (EHLO WA4EHSOBE003.bigfish.com)
(216.32.181.16)
  by mta442.mail.re4.yahoo.com with SMTP; Fri, 04 Jul 2008 06:06:54 -0700
Received: from mail107-wa4-R.bigfish.com (10.8.14.252) by  WA4EHSOBE003.bigfish.com (10.8.40.23) with Microsoft SMTP Server id  8.1.240.5; Fri, 4 Jul 2008 13:06:28 +0000
Received: from mail107-wa4 (localhost.localdomain [127.0.0.1])    by
 mail107-wa4-R.bigfish.com (Postfix) with ESMTP id DE28511F0322;    Fri,
4 Jul
 2008 13:06:27 +0000 (UTC)
Received: by mail107-wa4 (MessageSwitch) id 1215176787577866_13146; Fri,  4  Jul 2008 13:06:27 +0000 (UCT)
Received: from mail8.uno.edu (mail8.uno.edu [137.30.242.55])    by
 mail107-wa4.bigfish.com (Postfix) with ESMTP id 2707E1198065;    Fri,  4 Jul
 2008 13:06:25 +0000 (UTC)
0
anupam1983Author Commented:
Ahaa! Oh my God! :O(  
U r absolutely right! So what do I do now? Have u ever faced this problem before??

But how come this IP address was being used by our internal client was using to send email to an external client????

Many Thanks,
Anupam
0
Exchange_GeekCommented:
I would suggest contact your ISP about this matter - second, contact the other domain and show them this report and ask them about how to get across this - seems they are getting hit by this pretty often.

I have come across SMTP Spoofing but then it seems that these emails are being sent across as legitimate so no counters for relaying in it (which i originally had a gut feeling)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
anupam1983Author Commented:
Ok Master! I'll definitely do that. I guess this much information is more than sufficient for me. Further if I require some help I'll always look forward to you.

You are just fantastic! I know I am not elligible to assign you those marks, but still I've to.

Bye, take care......
Anupam
0
anupam1983Author Commented:
You are just a Gem! Brilliant way of tracing a problem and extreme accuracy of finding out the root cause... GOD BLESS YOU!!

Billions of thanks!!!!!!!!!!!!
0
Exchange_GeekCommented:
glad to have assisted you, please feel free to post your queries at EE Forum, we would be there to always assist you.

Take Care.

God Bless.

0
anupam1983Author Commented:
Hi Master,

I've checked with my senior and he gave me this link http://www.trustedsource.org/query/frontbridge.com which shows it's an external domain and also the IP address is a valid one.
Here I am confused completely. Can you please help me out??

Thanks,
Anupam
0
Exchange_GeekCommented:
Buddy, i would still contact the other domain and ask them why such messages are being thrown at your emails.

0
anupam1983Author Commented:
Alright sir! As u advised we've spoke to other domain and our domain is now added to their allow sender list, I mean whitelist.

But the IP 216.32.181.16 is still confusing siince one report says it is used for spaming and the other one says its a valid IP for another external domain. This is where my confusion is.....
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Protocols

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.