Solved

Some email is being delayed then returned

Posted on 2009-03-31
14
4,903 Views
Last Modified: 2012-05-06
My domain cannot send email to yahoo.com addresses.  Same for ymail.com.  It is delayed and later rejected.  I also get immediate returns from wv.usda.gov and us.schindler.com.  I have attached the respective error messages.  You can tell which is which by the domains.  I have checked my domain name and IP in lots of rbl's and dnsbl.  Everything comes back fine.  I emailed yahoo's postmaster but don't expect a response soon.  Email is relayed from my exchange 2003 box through my barracuda networks spam firewall 300.
The e-mail system was unable to deliver the message, but did not report a specific reason.  Check the address and try again.  If it still fails, contact your system administrator.

            < spam.marchwestin.com #4.0.0 X-Spam-Firewall; connect to d.mx.mail.yahoo.com[66.196.82.7]:    server refused mail service>
 
 

The e-mail system was unable to deliver the message, but did not report a specific reason.  Check the address and try again.  If it still fails, contact your system administrator.

            < spam.marchwestin.com #5.0.0 X-Spam-Firewall; host secmf01.schindler.com[12.31.12.91] said:    550 Error: content rejected (in reply to end of DATA command)>
 
 
 

The e-mail system was unable to deliver the message, but did not report a specific reason.  Check the address and try again.  If it still fails, contact your system administrator.

            < spam.marchwestin.com #5.0.0 X-Spam-Firewall; host    kcc-mail-edge1.fsc.usda.gov[165.221.105.70] said: 550 Denied by policy. (in    reply to end of DATA command)>

Open in new window

0
Comment
Question by:waterskiwv
  • 6
  • 6
  • 2
14 Comments
 
LVL 49

Assisted Solution

by:Akhater
Akhater earned 50 total points
ID: 24033608
2 questions

1) can your ip be black/grey listed

2) do you have a PTR record pointing the the IP you are sending emails from ?

0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 24033623
These could be caused by the fact that you domain does not have a PTR (rDNS) record in your public DNS zone.  This is particularly true based on the fact that yahoo.com and the usgov email servers are rejecting your mail, since they are definitely going to be checking for a PTR record as an anti-spam measure.  Contact your ISP, or log on to the control panel for your public DNS hosting company if you can, and add a PTR record for your mail server's IP address, pointing back to the actual host name of that server.  The host name MUST match the host name as shown in the email header that shows on each email you send out.
0
 

Author Comment

by:waterskiwv
ID: 24033724
IP is not black or grey listed.
There are ptr records for both my mail server and spam filter.  
0
 
LVL 49

Expert Comment

by:Akhater
ID: 24033757
Well if you are unable to send to Yahoo and AOL chances are it is because you don't have a PTR record

Some mail servers will check for a PTR record for the IP trying to send email to prevent spam.

Assuming you are sending from IP1 you will need to

create an A record pointing, say, smtp-out.yourcompany.com to IP1

and then a PTR record poitning

IP1 to smtp-out.yourcompany.com

hope it helps
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 24039679
@waterskiwv - then your domain name is not marchwestin.com?  Because the email server for that domain does not have a public PTR record.  I made an assumption about that domain name, so if it isn't yours, I apologize.  Unless you have control of your public DNS zone, there's no way for you to be sure that there is a valid PTR record without doing an nslookup on it.  Even if you at one time had one, it could have been mistakenly removed - I've had this happen with some ISP's.  So, I recommend double-checking it even if you think it's already there, as this is the most common cause of the behavior you are seeing.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 24039708
OK - I did another lookup on marchwestin.com just now and it did show a PTR record.  I'm wondering if it's something that's intermittent - depending upon which of your ISP's DNS servers responds, because the lookup I did yesterday definitely showed that there was no PTR found.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 24039761
Or, is it possible that some of your mail is being sent with a different header?
0
Want to promote your upcoming event?

Is your company attending an event or exhibiting at a trade show soon? Are you speaking at a conference? Spread the word by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

 

Author Comment

by:waterskiwv
ID: 24040130
I called ISP yesterday and they verified that there was a PTR record.  Below is source info from my barracuda after attempting to send another email to yahoo this morning...  Does the Message-ID have anything to do with it?  That is the internal server address that shows externally as exchange.marchwestin.com.  
 
X-ASG-Debug-ID: 1238597373-01bd00a00000-tu7sTC
X-Barracuda-URL: http://spam.marchwestin.com:8000/cgi-bin/mark.cgi
X-Barracuda-Orig-Rcpt: emothedog@yahoo.com
Received: from exchange.marchwestin.com (localhost [127.0.0.1])
by spam.marchwestin.com (Spam Firewall) with ESMTP id C62104FE2AB
for <emothedog@yahoo.com>; Wed,  1 Apr 2009 10:49:33 -0400 (EDT)
Received: from exchange.marchwestin.com (exchange.marchwestin.com [69.43.35.20]) by spam.marchwestin.com with ESMTP id 056ir2JEiJIiu3fm for <emothedog@yahoo.com>; Wed, 01 Apr 2009 10:49:33 -0400 (EDT)
X-Barracuda-Envelope-From: tsmith@marchwestin.com
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----_=_NextPart_001_01C9B2D8.F579D378"
X-ASG-Orig-Subj: test from tom at march westin
Subject: test from tom at march westin
Date: Wed, 1 Apr 2009 10:49:02 -0400
Message-ID: <8ABF7EF92F458A43954436F029F126BD01C693B8@mail.domain.marchwestin.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: test from tom at march westin
Thread-Index: Acmy2P+yP+I4iqFQQPaGq0/aDbSg/w==
From: "Tom Smith" <tsmith@marchwestin.com>
To: <emothedog@yahoo.com>
X-Barracuda-Connect: exchange.marchwestin.com[69.43.35.20]
X-Barracuda-Start-Time: 1238597373
X-Barracuda-Virus-Scanned: by Barracuda Spam Firewall at marchwestin.com

 
0
 

Author Comment

by:waterskiwv
ID: 24040164
Mail header shows "marchwestin.com" and not "exchange.marchwestin.com" or "spam.marchwestin.com".  
Here is a copy/paste of a mail header received by gmail.

fromTom Smith <tsmith@marchwestin.com>
to genericemail@gmail.com
date Fri, Mar 6, 2009 at 4:37 PM
subject check header
mailed-by marchwestin.com
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 24040379
Can you please check the complete mail header?  The best way to do this would be if you have an external email address - send yourself an email from your internal address to the external address.  Then when you receive the email, look at the header by right-clicking on the message and going to Message Options in Outlook or if you're using Outlook Express, I think you have to go to the properties of the message.  Anyway, what you need to see is the "received from" line in the header that looks something like this:
Received: from [sendingemailserver].com ([sending IP address]) by receivingemailserver.com with Microsoft SMTPSVC(6.0.3790.3959);
The [sendingemailserver].com in your case needs to be "spam.marchwestin.com" in order for the PTR to resolve correctly.

 
0
 

Author Comment

by:waterskiwv
ID: 24041764
The sending mail server is "marchwestin.com".  You think that should be spam.marchwestin.com?  In my comment above you see the header from gmail.  I'll try and get a header from someone that uses Outlook or OE and post.  Thanks.
 
0
 

Author Comment

by:waterskiwv
ID: 24042237
From groupwise...

Return-path: <tsmith@marchwestin.com>
Received: from mx15.wvu.edu ([157.182.232.227])
      by WVUGW14.wvu.edu with ESMTP; Wed, 01 Apr 2009 14:24:42 -0400
Received: from mx15.wvu.edu (localhost [127.0.0.1])
      by localhost (Postfix) with SMTP id DB50724CD
      for <nicholas.mick@mail.wvu.edu>; Wed,  1 Apr 2009 14:24:42 -0400 (EDT)
Received: from spam.marchwestin.com (spam.marchwestin.com [69.43.35.21])
      by mx15.wvu.edu (Postfix) with ESMTP id E109424DD
      for <nicholas.mick@mail.wvu.edu>; Wed,  1 Apr 2009 14:24:18 -0400 (EDT)
X-ASG-Debug-ID: 1238610151-73dd00380000-pQBxhk
X-Barracuda-URL: http://spam.marchwestin.com:8000/cgi-bin/mark.cgi
Received: from exchange.marchwestin.com (localhost [127.0.0.1])
      by spam.marchwestin.com (Spam Firewall) with ESMTP id 428B733DA25
      for <nicholas.mick@mail.wvu.edu>; Wed,  1 Apr 2009 14:22:31 -0400 (EDT)
Received: from exchange.marchwestin.com (exchange.marchwestin.com [69.43.35.20]) by spam.marchwestin.com with ESMTP id t7PHwADHQGkFwpi5 for <nicholas.mick@mail.wvu.edu>; Wed, 01 Apr 2009 14:22:31 -0400 (EDT)
X-Barracuda-Envelope-From: tsmith@marchwestin.com
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/mixed;
      boundary="----_=_NextPart_001_01C9B2F6.B520C170"
X-ASG-Orig-Subj: copy and send me back the header info from this email.
Subject: copy and send me back the header info from this email.
Date: Wed, 1 Apr 2009 14:21:54 -0400
Message-ID: <8ABF7EF92F458A43954436F029F126BD01C694A0@mw-mail.mwwv.marchwestin.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator: <8ABF7EF92F458A43954436F029F126BD01C694A0@mw-mail.mwwv.marchwestin.com>
Thread-Topic: copy and send me back the header info from this email.
Thread-Index: Acmy9rvgq2Bjik9KTmiiJzsMeWTFIQ==
From: "Tom Smith" <tsmith@marchwestin.com>
To: <nicholas.mick@mail.wvu.edu>
X-Barracuda-Connect: exchange.marchwestin.com[69.43.35.20]
X-Barracuda-Start-Time: 1238610151
X-Barracuda-Virus-Scanned: by Barracuda Spam Firewall at marchwestin.com
X-PMX-Version: 5.5.0.356843, Antispam-Engine: 2.6.1.350677, Antispam-Data: 2009.4.1.180423
X-WVU-PMX-SCORE: Gauge=IIIIIII, Probability=8%, Report='BODY_SIZE_6000_6999 0, BODY_SIZE_7000_LESS 0, TO_NO_NAME 0, __CT 0, __CTYPE_HAS_BOUNDARY 0, __CTYPE_MULTIPART 0, __CTYPE_MULTIPART_MIXED 0, __HAS_MSGID 0, __IMS_MSGID 0, __MIME_VERSION 0, __SANE_MSGID 0'
 
This is a multi-part message in MIME format.
0
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 450 total points
ID: 24050885
<<Received: from spam.marchwestin.com (spam.marchwestin.com [69.43.35.21]) by mx15.wvu.edu (Postfix) with ESMTP id E109424DD >>
Ignoring the bouncing around within the wvu.edu domain, this indicates that your header does advertise the email as coming from spam.marchwestin.com at that IP address.  So, it would seem that your PTR record is correct and this shouldn't be causing any problems. Unless, as I mentioned above, there is some problem with the DNS servers where occasionally they don't respond promptly with the correct PTR information.  Is there any way you can determine whether the problem domains ALWAYS return your marchwestin.com emails or only sometimes?
One thing of note is that in the log of the rejection from the schindler.com domain, it refers to a rejection of the content of the email.  This could be a spam content filter that found something in the text of the email that caused it to be rejected.  That would certainly be beyond your control.
0
 

Author Comment

by:waterskiwv
ID: 24051515
It appears that about half of all messages have started getting through to Yahoo as of 1 or 2 AM today.  I still haven't found anything wrong on my end of things and haven't received any response since giving more information to the Yahoo postmasters the evening of the 31st.  I'll go ahead and award pts and if I ever find out what the problem or solution was I'll add another comment.
Thanks.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Easy CSR creation in Exchange 2007,2010 and 2013
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now