waterskiwv
asked on
Some email is being delayed then returned
My domain cannot send email to yahoo.com addresses. Same for ymail.com. It is delayed and later rejected. I also get immediate returns from wv.usda.gov and us.schindler.com. I have attached the respective error messages. You can tell which is which by the domains. I have checked my domain name and IP in lots of rbl's and dnsbl. Everything comes back fine. I emailed yahoo's postmaster but don't expect a response soon. Email is relayed from my exchange 2003 box through my barracuda networks spam firewall 300.
The e-mail system was unable to deliver the message, but did not report a specific reason. Check the address and try again. If it still fails, contact your system administrator.
< spam.marchwestin.com #4.0.0 X-Spam-Firewall; connect to d.mx.mail.yahoo.com[66.196.82.7]: server refused mail service>
The e-mail system was unable to deliver the message, but did not report a specific reason. Check the address and try again. If it still fails, contact your system administrator.
< spam.marchwestin.com #5.0.0 X-Spam-Firewall; host secmf01.schindler.com[12.31.12.91] said: 550 Error: content rejected (in reply to end of DATA command)>
The e-mail system was unable to deliver the message, but did not report a specific reason. Check the address and try again. If it still fails, contact your system administrator.
< spam.marchwestin.com #5.0.0 X-Spam-Firewall; host kcc-mail-edge1.fsc.usda.gov[165.221.105.70] said: 550 Denied by policy. (in reply to end of DATA command)>
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
These could be caused by the fact that you domain does not have a PTR (rDNS) record in your public DNS zone. This is particularly true based on the fact that yahoo.com and the usgov email servers are rejecting your mail, since they are definitely going to be checking for a PTR record as an anti-spam measure. Contact your ISP, or log on to the control panel for your public DNS hosting company if you can, and add a PTR record for your mail server's IP address, pointing back to the actual host name of that server. The host name MUST match the host name as shown in the email header that shows on each email you send out.
ASKER
IP is not black or grey listed.
There are ptr records for both my mail server and spam filter.
There are ptr records for both my mail server and spam filter.
Well if you are unable to send to Yahoo and AOL chances are it is because you don't have a PTR record
Some mail servers will check for a PTR record for the IP trying to send email to prevent spam.
Assuming you are sending from IP1 you will need to
create an A record pointing, say, smtp-out.yourcompany.com to IP1
and then a PTR record poitning
IP1 to smtp-out.yourcompany.com
hope it helps
Some mail servers will check for a PTR record for the IP trying to send email to prevent spam.
Assuming you are sending from IP1 you will need to
create an A record pointing, say, smtp-out.yourcompany.com to IP1
and then a PTR record poitning
IP1 to smtp-out.yourcompany.com
hope it helps
@waterskiwv - then your domain name is not marchwestin.com? Because the email server for that domain does not have a public PTR record. I made an assumption about that domain name, so if it isn't yours, I apologize. Unless you have control of your public DNS zone, there's no way for you to be sure that there is a valid PTR record without doing an nslookup on it. Even if you at one time had one, it could have been mistakenly removed - I've had this happen with some ISP's. So, I recommend double-checking it even if you think it's already there, as this is the most common cause of the behavior you are seeing.
OK - I did another lookup on marchwestin.com just now and it did show a PTR record. I'm wondering if it's something that's intermittent - depending upon which of your ISP's DNS servers responds, because the lookup I did yesterday definitely showed that there was no PTR found.
Or, is it possible that some of your mail is being sent with a different header?
ASKER
I called ISP yesterday and they verified that there was a PTR record. Below is source info from my barracuda after attempting to send another email to yahoo this morning... Does the Message-ID have anything to do with it? That is the internal server address that shows externally as exchange.marchwestin.com.
X-ASG-Debug-ID: 1238597373-01bd00a00000-tu 7sTC
X-Barracuda-URL: http://spam.marchwestin.com:8000/cgi-bin/mark.cgi
X-Barracuda-Orig-Rcpt: emothedog@yahoo.com
Received: from exchange.marchwestin.com (localhost [127.0.0.1])
by spam.marchwestin.com (Spam Firewall) with ESMTP id C62104FE2AB
for <emothedog@yahoo.com>; Wed, 1 Apr 2009 10:49:33 -0400 (EDT)
Received: from exchange.marchwestin.com (exchange.marchwestin.com [69.43.35.20]) by spam.marchwestin.com with ESMTP id 056ir2JEiJIiu3fm for <emothedog@yahoo.com>; Wed, 01 Apr 2009 10:49:33 -0400 (EDT)
X-Barracuda-Envelope-From: tsmith@marchwestin.com
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:messag e
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----_=_NextPart_ 001_01C9B2 D8.F579D37 8"
X-ASG-Orig-Subj: test from tom at march westin
Subject: test from tom at march westin
Date: Wed, 1 Apr 2009 10:49:02 -0400
Message-ID: <8ABF7EF92F458A43954436F02 9F126BD01C 693B8@mail .domain.ma rchwestin. com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: test from tom at march westin
Thread-Index: Acmy2P+yP+I4iqFQQPaGq0/aDb Sg/w==
From: "Tom Smith" <tsmith@marchwestin.com>
To: <emothedog@yahoo.com>
X-Barracuda-Connect: exchange.marchwestin.com[6 9.43.35.20 ]
X-Barracuda-Start-Time: 1238597373
X-Barracuda-Virus-Scanned: by Barracuda Spam Firewall at marchwestin.com
X-ASG-Debug-ID: 1238597373-01bd00a00000-tu
X-Barracuda-URL: http://spam.marchwestin.com:8000/cgi-bin/mark.cgi
X-Barracuda-Orig-Rcpt: emothedog@yahoo.com
Received: from exchange.marchwestin.com (localhost [127.0.0.1])
by spam.marchwestin.com (Spam Firewall) with ESMTP id C62104FE2AB
for <emothedog@yahoo.com>; Wed, 1 Apr 2009 10:49:33 -0400 (EDT)
Received: from exchange.marchwestin.com (exchange.marchwestin.com [69.43.35.20]) by spam.marchwestin.com with ESMTP id 056ir2JEiJIiu3fm for <emothedog@yahoo.com>; Wed, 01 Apr 2009 10:49:33 -0400 (EDT)
X-Barracuda-Envelope-From:
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:messag
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----_=_NextPart_
X-ASG-Orig-Subj: test from tom at march westin
Subject: test from tom at march westin
Date: Wed, 1 Apr 2009 10:49:02 -0400
Message-ID: <8ABF7EF92F458A43954436F02
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: test from tom at march westin
Thread-Index: Acmy2P+yP+I4iqFQQPaGq0/aDb
From: "Tom Smith" <tsmith@marchwestin.com>
To: <emothedog@yahoo.com>
X-Barracuda-Connect: exchange.marchwestin.com[6
X-Barracuda-Start-Time: 1238597373
X-Barracuda-Virus-Scanned:
ASKER
Mail header shows "marchwestin.com" and not "exchange.marchwestin.com" or "spam.marchwestin.com".
Here is a copy/paste of a mail header received by gmail.
fromTom Smith <tsmith@marchwestin.com>
to genericemail@gmail.com
date Fri, Mar 6, 2009 at 4:37 PM
subject check header
mailed-by marchwestin.com
Here is a copy/paste of a mail header received by gmail.
fromTom Smith <tsmith@marchwestin.com>
to genericemail@gmail.com
date Fri, Mar 6, 2009 at 4:37 PM
subject check header
mailed-by marchwestin.com
Can you please check the complete mail header? The best way to do this would be if you have an external email address - send yourself an email from your internal address to the external address. Then when you receive the email, look at the header by right-clicking on the message and going to Message Options in Outlook or if you're using Outlook Express, I think you have to go to the properties of the message. Anyway, what you need to see is the "received from" line in the header that looks something like this:
Received: from [sendingemailserver].com ([sending IP address]) by receivingemailserver.com with Microsoft SMTPSVC(6.0.3790.3959);
The [sendingemailserver].com in your case needs to be "spam.marchwestin.com" in order for the PTR to resolve correctly.
Received: from [sendingemailserver].com ([sending IP address]) by receivingemailserver.com with Microsoft SMTPSVC(6.0.3790.3959);
The [sendingemailserver].com in your case needs to be "spam.marchwestin.com" in order for the PTR to resolve correctly.
ASKER
The sending mail server is "marchwestin.com". You think that should be spam.marchwestin.com? In my comment above you see the header from gmail. I'll try and get a header from someone that uses Outlook or OE and post. Thanks.
ASKER
From groupwise...
Return-path: <tsmith@marchwestin.com>
Received: from mx15.wvu.edu ([157.182.232.227])
by WVUGW14.wvu.edu with ESMTP; Wed, 01 Apr 2009 14:24:42 -0400
Received: from mx15.wvu.edu (localhost [127.0.0.1])
by localhost (Postfix) with SMTP id DB50724CD
for <nicholas.mick@mail.wvu.ed u>; Wed, 1 Apr 2009 14:24:42 -0400 (EDT)
Received: from spam.marchwestin.com (spam.marchwestin.com [69.43.35.21])
by mx15.wvu.edu (Postfix) with ESMTP id E109424DD
for <nicholas.mick@mail.wvu.ed u>; Wed, 1 Apr 2009 14:24:18 -0400 (EDT)
X-ASG-Debug-ID: 1238610151-73dd00380000-pQ Bxhk
X-Barracuda-URL: http://spam.marchwestin.com:8000/cgi-bin/mark.cgi
Received: from exchange.marchwestin.com (localhost [127.0.0.1])
by spam.marchwestin.com (Spam Firewall) with ESMTP id 428B733DA25
for <nicholas.mick@mail.wvu.ed u>; Wed, 1 Apr 2009 14:22:31 -0400 (EDT)
Received: from exchange.marchwestin.com (exchange.marchwestin.com [69.43.35.20]) by spam.marchwestin.com with ESMTP id t7PHwADHQGkFwpi5 for <nicholas.mick@mail.wvu.ed u>; Wed, 01 Apr 2009 14:22:31 -0400 (EDT)
X-Barracuda-Envelope-From: tsmith@marchwestin.com
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:messag e
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----_=_NextPart_ 001_01C9B2 F6.B520C17 0"
X-ASG-Orig-Subj: copy and send me back the header info from this email.
Subject: copy and send me back the header info from this email.
Date: Wed, 1 Apr 2009 14:21:54 -0400
Message-ID: <8ABF7EF92F458A43954436F02 9F126BD01C 694A0@mw-m ail.mwwv.m archwestin .com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator: <8ABF7EF92F458A43954436F02 9F126BD01C 694A0@mw-m ail.mwwv.m archwestin .com>
Thread-Topic: copy and send me back the header info from this email.
Thread-Index: Acmy9rvgq2Bjik9KTmiiJzsMeW TFIQ==
From: "Tom Smith" <tsmith@marchwestin.com>
To: <nicholas.mick@mail.wvu.ed u>
X-Barracuda-Connect: exchange.marchwestin.com[6 9.43.35.20 ]
X-Barracuda-Start-Time: 1238610151
X-Barracuda-Virus-Scanned: by Barracuda Spam Firewall at marchwestin.com
X-PMX-Version: 5.5.0.356843, Antispam-Engine: 2.6.1.350677, Antispam-Data: 2009.4.1.180423
X-WVU-PMX-SCORE: Gauge=IIIIIII, Probability=8%, Report='BODY_SIZE_6000_699 9 0, BODY_SIZE_7000_LESS 0, TO_NO_NAME 0, __CT 0, __CTYPE_HAS_BOUNDARY 0, __CTYPE_MULTIPART 0, __CTYPE_MULTIPART_MIXED 0, __HAS_MSGID 0, __IMS_MSGID 0, __MIME_VERSION 0, __SANE_MSGID 0'
This is a multi-part message in MIME format.
Return-path: <tsmith@marchwestin.com>
Received: from mx15.wvu.edu ([157.182.232.227])
by WVUGW14.wvu.edu with ESMTP; Wed, 01 Apr 2009 14:24:42 -0400
Received: from mx15.wvu.edu (localhost [127.0.0.1])
by localhost (Postfix) with SMTP id DB50724CD
for <nicholas.mick@mail.wvu.ed
Received: from spam.marchwestin.com (spam.marchwestin.com [69.43.35.21])
by mx15.wvu.edu (Postfix) with ESMTP id E109424DD
for <nicholas.mick@mail.wvu.ed
X-ASG-Debug-ID: 1238610151-73dd00380000-pQ
X-Barracuda-URL: http://spam.marchwestin.com:8000/cgi-bin/mark.cgi
Received: from exchange.marchwestin.com (localhost [127.0.0.1])
by spam.marchwestin.com (Spam Firewall) with ESMTP id 428B733DA25
for <nicholas.mick@mail.wvu.ed
Received: from exchange.marchwestin.com (exchange.marchwestin.com [69.43.35.20]) by spam.marchwestin.com with ESMTP id t7PHwADHQGkFwpi5 for <nicholas.mick@mail.wvu.ed
X-Barracuda-Envelope-From:
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:messag
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----_=_NextPart_
X-ASG-Orig-Subj: copy and send me back the header info from this email.
Subject: copy and send me back the header info from this email.
Date: Wed, 1 Apr 2009 14:21:54 -0400
Message-ID: <8ABF7EF92F458A43954436F02
X-MS-Has-Attach:
X-MS-TNEF-Correlator: <8ABF7EF92F458A43954436F02
Thread-Topic: copy and send me back the header info from this email.
Thread-Index: Acmy9rvgq2Bjik9KTmiiJzsMeW
From: "Tom Smith" <tsmith@marchwestin.com>
To: <nicholas.mick@mail.wvu.ed
X-Barracuda-Connect: exchange.marchwestin.com[6
X-Barracuda-Start-Time: 1238610151
X-Barracuda-Virus-Scanned:
X-PMX-Version: 5.5.0.356843, Antispam-Engine: 2.6.1.350677, Antispam-Data: 2009.4.1.180423
X-WVU-PMX-SCORE: Gauge=IIIIIII, Probability=8%, Report='BODY_SIZE_6000_699
This is a multi-part message in MIME format.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It appears that about half of all messages have started getting through to Yahoo as of 1 or 2 AM today. I still haven't found anything wrong on my end of things and haven't received any response since giving more information to the Yahoo postmasters the evening of the 31st. I'll go ahead and award pts and if I ever find out what the problem or solution was I'll add another comment.
Thanks.
Thanks.