Exchange 2003 server; Getting 503 reject messages intermittently from only one recipient

We receive these mail rejects periodically from only one recipient.  All other mail works fine and has been fine for 4 years.  When we receive this reject, subsequent mail to this recipient works for one to several days, then we get a reject again.  It may actually reset daily - we are a 24-hour operation so it is difficULt to tell.  We will get these rejects for mail sent to any user in the recipient's domain.

The reject message we get is:

The following recipient(s) cannot be reached:

      Sample User on 11/3/2008 9:34 AM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            < #5.5.0 smtp;503 This mail server requires authentication when attempting to send to a non-local e-mail address. Please check your mail client settings or contact your administrator to verify that the domain or address is defined for this server.>

We are running MS Server 2003 running Exchange Server 2003 SP2.

The recipient is using a Barracuda device and says when this happens he does not see the mail even hitting his filter.

I can successfully perform an NSLookup internally and it resolves to the recipient correctly.

Any ideas would be GREATLY appreciated.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

This looks like a problem on the Barracuda filter. It denies your emails stating that you are trying to have an email relayed to a domain it does not know as a local one. But since once someone from inside that domain sends an email to you, inbound mails are possible for some days.
Looks like a problem with a spam filter maybe. If you get on a temporary whitelist for some days or until the device resets, it would explain this behaviour.
Ask the recipient if they could place your domain or even better your mailservers external IP on the Barracudas whitelist. This might help.
Nyn11TechAuthor Commented:
I will try that - thank you.  This first began when the admin of the recipient domain installed a Trend Micro filtering solution, and has persisted since the Trend Micro device was replaced by the Baracuda.

I welcome any other suggestions in the interim as we try this solution.
Nyn11TechAuthor Commented:
Our domain is whitelisted, but problem persists.  Also - the recipient says the logging on their barracuda does NOT show these attempts/rejects.  When our e-mail is rejected their Barracuda logs nothing at all.  Is this normal for a Barracuda, or could the problem be internal to us?
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Try to communicate directly with the Barracuda:

telnet Barracuda-hostname 25


Now the error message should be the response of the server.
Also try checking the mx-entries of the destination domain. Perhaps it has multiple mx-entries and one of those servers does not accept the destination domain.

Nyn11TechAuthor Commented:
When I Telnet I get:
220 ******************************************************************************

and every command returns "500 Syntax error, command unrecognized"

MX entries appear valid - for both of us.
Seems to be a problem "on the other side". You might try turning on SMTP logging on your own mail server with full options to convince the sysadmin on the other side.
Nyn11TechAuthor Commented:
Thank you for all the replies.  I did turn on SMTP logging.

I checked our SMTP logs and found the mail is being sent - by us - to a totally incorrect IP address.  It seems we are resolving it wrong on the first attempt, but subsequent attempts get it right.

Looks like a DNS issue, but I am wondering if our recipient needs to check with whomever is hosting their DNS and MX records (Network Solutions), or if it is something in their ISP (from whom they purchased their public IP block).

Also - I asked our recipient (the one who we are trying to send to) if anyone else is getting mail to them rejected. At first they said "no", but now they have checked and it looks like it is not just us.  I have no deatils yet, but am I correct that it is on their end, or could it still be something with us?  We have this issue with nobody else - ever.

Thank you again!
"It seems we are resolving it wrong on the first attempt, but subsequent attempts get it right. " . Is it possbile to post some logs ? This sounds strange.
The client could contact Network Solutions, but first triple check your own DNS setup. Incorrect resolving could caused by a problem at your side.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Nyn11TechAuthor Commented:
When I ping the recipient's domain, I get the exact IP address our mail server is trying to hit. This IP address is incorrect - it points to another domain somewhere.  Odd that resolves correctly and displays the page correctly.

When I ping it resolves the IP address correctly.

We can duplicate these results from within another domain on another network.

They are going to talk to Network Solutions and see what's up.

My logs show our Exchange server trying to reach them at the wrong address - and it fails, then trying and succeeding to reach them at the correct address.

The intermittent nature of this is really odd, though.  We have never had this happen with any other recipient we sent mail to - and our system has remained unchanged since November 2004.

Nyn11TechAuthor Commented:
Looks like it was an issue with the recipients Host Record and/or MX Record.  The recipient contacted Network Solutions, who said they found nothing wrong, but the problem has ceased since the phone call (5 days ago).
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Protocols

From novice to tech pro — start learning today.