Solved

Email for certain senders being rejected

Posted on 2009-05-13
10
2,715 Views
Last Modified: 2012-05-06
I have a SBS2003 server running both exchange and ISA.  About a month ago, certain senders email started to be rejected.  They are getting the following message back:

"[xxx.xxx.xxx.xxx] #<[xxx.xxx.xxx.xxx] #5.0.0 smtp; 5.4.7 - Delivery expired (message too old) [Default] '[Errno 54] Connection reset by peer' (delivery attempts: 69)> #SMTP#

I've used the message tracking center to find the emails and they do not exist so I know they are not getting that far.  I also had the sender have someone else in his organization send an email to see if we were blocking him for some reason but it appears to be the domain.  Messages are not being blocked by the intelligent message filter either.

Only change about the same time was I went from using DynDNS to a static IP address on the DSL modem.  I only have one MX record in the DNS and it is pointing to the IP on the DSL modem.  I heard of one other sender geting this error too from a different domain, but the majority of mail is coming through with no problem.

I'm struggling to figure out where to look to see why these keep being rejected.  Thanks in advance for the help!
0
Comment
Question by:KZim
  • 3
  • 3
  • 2
  • +1
10 Comments
 
LVL 6

Accepted Solution

by:
nettek0300 earned 260 total points
ID: 24381527
You may need to have a reverse dns lookup put on your static IP.  Many of the big companies (comcast, aol, etc), use spam filters that require the reverse dns lookup in order to receive the email.  If you do not have the reverse dns, the email will not go through.  The best way to find out if you have this is to go to www.dnsstuff.com and put your static IP address in to see if it has a reverse lookup entry (should be host.domain).  
0
 
LVL 7

Assisted Solution

by:LANm0nk3y
LANm0nk3y earned 70 total points
ID: 24381541
Expanding on what nettek0300 said. if you're using AT&T or SBC you need to send an email to the DNS team.
Here's the reference: http://www.dslreports.com/faq/11970.  

You can also use mxtoolbox.com if your ip is on a blacklist.
0
 
LVL 10

Assisted Solution

by:Korbus
Korbus earned 170 total points
ID: 24381623
If you problem is not recieving INBOUND mail, which is what I got, I would start by checking you anti-spam software.  You can also check the DNS blacklists for those particular domains you do not recieve.
http://www.mxtoolbox.com/blacklists.aspx
You'll need to figure out thier email server's IP address, which may require some DNSlookup work.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 

Author Comment

by:KZim
ID: 24381649
Thanks for the feedback.  Checked and am not blacklisted, but do not have a reverse DNS setup.  Need to get a hold of qwest.  

Help me understand two things:  First, this is someone outside my organization sending to me, and their email is being rejected as it is coming into me.  You're thinking it's because our ISP is rejecting it because our static IP doesn't have reverse lookup?

Second, what do I request in the reverse lookup?  Our domain name (ie foo.com) or the a record mail.foo.com that points to the static IP address on my dsl modem (fronting the exchange server)?  I'm thinking the mail.foo.com because of that's what's built in DNS, right?

Thanks again!
0
 
LVL 6

Assisted Solution

by:nettek0300
nettek0300 earned 260 total points
ID: 24381683
If it is inbound emails that you are not receiving, the problem may actually be the reverse of what I said.  Qwest may be block the senders for some reason, possibly because they do not have a reverse lookup.  I misunderstood the question.  I thought you were having trouble sending out.  In either case, I would go back to Qwest and explain the situation to them.  It would be handy to have a list of rejected senders and/or sender domains to give them.
0
 
LVL 7

Assisted Solution

by:LANm0nk3y
LANm0nk3y earned 70 total points
ID: 24381761
I would check to see if your port 25 is open from your ISA rules. That's if you're using ISA for packetfiltering (firewall).  Otherwise, you can check your firewall if it's blocking port tcp 25.  You can do from a remote location and following this guide: http://support.microsoft.com/kb/153119 [Don't think this is really your problem but, doesn't hurt to check]

If you fixed this, the next thing you should do is check if your MX is set up correctly on the NS of your domain. This depends on if you're using their name server or not, or if you're using your own (which i highly doubt due to security issues and what not).  [Don't think this one is either]

If all these are correct, then do you have a spam filter in place?  Intelligent message filter does not show in the message tracking, at least I don't think.  However you can set your virtual smtp to log errors and you can see if there's any clues there.  You may need to open the log in excel, because it's space delimited.  The other thing you can do is find out the sender's email server and put the ip in the RBL server you are using in your intelligent message filter or use MXtoolbox.com.
0
 

Author Comment

by:KZim
ID: 24386242
I did find out that qwest allows you to configure your reverse dns yourself at www.qwest.net/account_tools/dns

Can someone validate my other question of what do I request in the reverse lookup?  Our domain name (ie foo.com) or the a record mail.foo.com that points to the static IP address on my dsl modem (fronting the exchange server)?

I'm thinking the mail.foo.com because of that's what's built in DNS, right?  But want to get this right.

Thanks!
0
 
LVL 10

Assisted Solution

by:Korbus
Korbus earned 170 total points
ID: 24387692
If it's inbound mail thats a problem,  reverse DNS, and YOU being a a blacklist, is *irrelevant*.
Your spam blocker or ISP may be blocking the sender if THEY are on a blacklist tho.
0
 
LVL 6

Assisted Solution

by:nettek0300
nettek0300 earned 260 total points
ID: 24390225
Korbus is correct.  Reverse DNS is irrelevant with inbound issues.  If you are not having trouble sending email, I would not worry about the reverse DNS.  You need to go to Qwest and find out why your sender's are getting blocked.
0
 

Author Comment

by:KZim
ID: 24438148
After reading some other posts, I've monitored ISA (ISA 2004) to see if things are being blocked for these senders, etc.  I am seeing a lot of the following denial/error:

"A connection was abortively closed after one of the peers sent a RST segment"  And it shows it is an
fwx_e_abortive_shutdown

I read one post on this site that discusses this, but it referred to turning off reverse DNS on exchange, which I don't have on and I'm still having this issue.

Any thoughts?
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question