Exchange 2003 server; Getting 503 reject messages intermittently from only one recipient

We receive these mail rejects periodically from only one recipient.  All other mail works fine and has been fine for 4 years.  When we receive this reject, subsequent mail to this recipient works for one to several days, then we get a reject again.  It may actually reset daily - we are a 24-hour operation so it is difficULt to tell.  We will get these rejects for mail sent to any user in the recipient's domain.

The reject message we get is:

The following recipient(s) cannot be reached:

      Sample User on 11/3/2008 9:34 AM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            <email.int.ourdomain.org #5.5.0 smtp;503 This mail server requires authentication when attempting to send to a non-local e-mail address. Please check your mail client settings or contact your administrator to verify that the domain or address is defined for this server.>

We are running MS Server 2003 running Exchange Server 2003 SP2.

The recipient is using a Barracuda device and says when this happens he does not see the mail even hitting his filter.

I can successfully perform an NSLookup internally and it resolves to the recipient correctly.

Any ideas would be GREATLY appreciated.
Nyn11TechAsked:
Who is Participating?
 
buddholeConnect With a Mentor Commented:
"It seems we are resolving it wrong on the first attempt, but subsequent attempts get it right. " . Is it possbile to post some logs ? This sounds strange.
The client could contact Network Solutions, but first triple check your own DNS setup. Incorrect resolving could caused by a problem at your side.
0
 
Yossarian-22Commented:
This looks like a problem on the Barracuda filter. It denies your emails stating that you are trying to have an email relayed to a domain it does not know as a local one. But since once someone from inside that domain sends an email to you, inbound mails are possible for some days.
Looks like a problem with a spam filter maybe. If you get on a temporary whitelist for some days or until the device resets, it would explain this behaviour.
Ask the recipient if they could place your domain or even better your mailservers external IP on the Barracudas whitelist. This might help.
0
 
Nyn11TechAuthor Commented:
I will try that - thank you.  This first began when the admin of the recipient domain installed a Trend Micro filtering solution, and has persisted since the Trend Micro device was replaced by the Baracuda.

I welcome any other suggestions in the interim as we try this solution.
0
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

 
Nyn11TechAuthor Commented:
Our domain is whitelisted, but problem persists.  Also - the recipient says the logging on their barracuda does NOT show these attempts/rejects.  When our e-mail is rejected their Barracuda logs nothing at all.  Is this normal for a Barracuda, or could the problem be internal to us?
0
 
Yossarian-22Commented:
Try to communicate directly with the Barracuda:

telnet Barracuda-hostname 25

helo mydomain.com
mail from:me@mydomain.com
rcpt to:you@barracudadomain.com

Now the error message should be the response of the server.
Also try checking the mx-entries of the destination domain. Perhaps it has multiple mx-entries and one of those servers does not accept the destination domain.



0
 
Nyn11TechAuthor Commented:
When I Telnet I get:
220 ******************************************************************************

and every command returns "500 Syntax error, command unrecognized"

MX entries appear valid - for both of us.
0
 
buddholeCommented:
Seems to be a problem "on the other side". You might try turning on SMTP logging on your own mail server with full options to convince the sysadmin on the other side.
0
 
Nyn11TechAuthor Commented:
Thank you for all the replies.  I did turn on SMTP logging.

I checked our SMTP logs and found the mail is being sent - by us - to a totally incorrect IP address.  It seems we are resolving it wrong on the first attempt, but subsequent attempts get it right.

Looks like a DNS issue, but I am wondering if our recipient needs to check with whomever is hosting their DNS and MX records (Network Solutions), or if it is something in their ISP (from whom they purchased their public IP block).

Also - I asked our recipient (the one who we are trying to send to) if anyone else is getting mail to them rejected. At first they said "no", but now they have checked and it looks like it is not just us.  I have no deatils yet, but am I correct that it is on their end, or could it still be something with us?  We have this issue with nobody else - ever.

Thank you again!
0
 
Nyn11TechAuthor Commented:
When I ping the recipient's domain www.theirdomain.com, I get the exact IP address our mail server is trying to hit. This IP address is incorrect - it points to another domain somewhere.  Odd that http://www.theirdomain.com resolves correctly and displays the page correctly.

When I ping mail.theirdomain.com it resolves the IP address correctly.

We can duplicate these results from within another domain on another network.

They are going to talk to Network Solutions and see what's up.

My logs show our Exchange server trying to reach them at the wrong address - and it fails, then trying and succeeding to reach them at the correct address.

The intermittent nature of this is really odd, though.  We have never had this happen with any other recipient we sent mail to - and our system has remained unchanged since November 2004.

0
 
Nyn11TechAuthor Commented:
Looks like it was an issue with the recipients Host Record and/or MX Record.  The recipient contacted Network Solutions, who said they found nothing wrong, but the problem has ceased since the phone call (5 days ago).
0
All Courses

From novice to tech pro — start learning today.