Solved

Email for certain senders being rejected

Posted on 2009-05-13
10
2,622 Views
Last Modified: 2012-05-06
I have a SBS2003 server running both exchange and ISA.  About a month ago, certain senders email started to be rejected.  They are getting the following message back:

"[xxx.xxx.xxx.xxx] #<[xxx.xxx.xxx.xxx] #5.0.0 smtp; 5.4.7 - Delivery expired (message too old) [Default] '[Errno 54] Connection reset by peer' (delivery attempts: 69)> #SMTP#

I've used the message tracking center to find the emails and they do not exist so I know they are not getting that far.  I also had the sender have someone else in his organization send an email to see if we were blocking him for some reason but it appears to be the domain.  Messages are not being blocked by the intelligent message filter either.

Only change about the same time was I went from using DynDNS to a static IP address on the DSL modem.  I only have one MX record in the DNS and it is pointing to the IP on the DSL modem.  I heard of one other sender geting this error too from a different domain, but the majority of mail is coming through with no problem.

I'm struggling to figure out where to look to see why these keep being rejected.  Thanks in advance for the help!
0
Comment
Question by:KZim
  • 3
  • 3
  • 2
  • +1
10 Comments
 
LVL 6

Accepted Solution

by:
nettek0300 earned 260 total points
ID: 24381527
You may need to have a reverse dns lookup put on your static IP.  Many of the big companies (comcast, aol, etc), use spam filters that require the reverse dns lookup in order to receive the email.  If you do not have the reverse dns, the email will not go through.  The best way to find out if you have this is to go to www.dnsstuff.com and put your static IP address in to see if it has a reverse lookup entry (should be host.domain).  
0
 
LVL 7

Assisted Solution

by:LANm0nk3y
LANm0nk3y earned 70 total points
ID: 24381541
Expanding on what nettek0300 said. if you're using AT&T or SBC you need to send an email to the DNS team.
Here's the reference: http://www.dslreports.com/faq/11970.  

You can also use mxtoolbox.com if your ip is on a blacklist.
0
 
LVL 10

Assisted Solution

by:Korbus
Korbus earned 170 total points
ID: 24381623
If you problem is not recieving INBOUND mail, which is what I got, I would start by checking you anti-spam software.  You can also check the DNS blacklists for those particular domains you do not recieve.
http://www.mxtoolbox.com/blacklists.aspx
You'll need to figure out thier email server's IP address, which may require some DNSlookup work.
0
 

Author Comment

by:KZim
ID: 24381649
Thanks for the feedback.  Checked and am not blacklisted, but do not have a reverse DNS setup.  Need to get a hold of qwest.  

Help me understand two things:  First, this is someone outside my organization sending to me, and their email is being rejected as it is coming into me.  You're thinking it's because our ISP is rejecting it because our static IP doesn't have reverse lookup?

Second, what do I request in the reverse lookup?  Our domain name (ie foo.com) or the a record mail.foo.com that points to the static IP address on my dsl modem (fronting the exchange server)?  I'm thinking the mail.foo.com because of that's what's built in DNS, right?

Thanks again!
0
 
LVL 6

Assisted Solution

by:nettek0300
nettek0300 earned 260 total points
ID: 24381683
If it is inbound emails that you are not receiving, the problem may actually be the reverse of what I said.  Qwest may be block the senders for some reason, possibly because they do not have a reverse lookup.  I misunderstood the question.  I thought you were having trouble sending out.  In either case, I would go back to Qwest and explain the situation to them.  It would be handy to have a list of rejected senders and/or sender domains to give them.
0
Network it in WD Red

There's an industry-leading WD Red drive for every compatible NAS system to help fulfill your data storage needs. With drives up to 8TB, WD Red offers a wide array of solutions for customers looking to build the biggest, best-performing NAS storage solution.  

 
LVL 7

Assisted Solution

by:LANm0nk3y
LANm0nk3y earned 70 total points
ID: 24381761
I would check to see if your port 25 is open from your ISA rules. That's if you're using ISA for packetfiltering (firewall).  Otherwise, you can check your firewall if it's blocking port tcp 25.  You can do from a remote location and following this guide: http://support.microsoft.com/kb/153119 [Don't think this is really your problem but, doesn't hurt to check]

If you fixed this, the next thing you should do is check if your MX is set up correctly on the NS of your domain. This depends on if you're using their name server or not, or if you're using your own (which i highly doubt due to security issues and what not).  [Don't think this one is either]

If all these are correct, then do you have a spam filter in place?  Intelligent message filter does not show in the message tracking, at least I don't think.  However you can set your virtual smtp to log errors and you can see if there's any clues there.  You may need to open the log in excel, because it's space delimited.  The other thing you can do is find out the sender's email server and put the ip in the RBL server you are using in your intelligent message filter or use MXtoolbox.com.
0
 

Author Comment

by:KZim
ID: 24386242
I did find out that qwest allows you to configure your reverse dns yourself at www.qwest.net/account_tools/dns

Can someone validate my other question of what do I request in the reverse lookup?  Our domain name (ie foo.com) or the a record mail.foo.com that points to the static IP address on my dsl modem (fronting the exchange server)?

I'm thinking the mail.foo.com because of that's what's built in DNS, right?  But want to get this right.

Thanks!
0
 
LVL 10

Assisted Solution

by:Korbus
Korbus earned 170 total points
ID: 24387692
If it's inbound mail thats a problem,  reverse DNS, and YOU being a a blacklist, is *irrelevant*.
Your spam blocker or ISP may be blocking the sender if THEY are on a blacklist tho.
0
 
LVL 6

Assisted Solution

by:nettek0300
nettek0300 earned 260 total points
ID: 24390225
Korbus is correct.  Reverse DNS is irrelevant with inbound issues.  If you are not having trouble sending email, I would not worry about the reverse DNS.  You need to go to Qwest and find out why your sender's are getting blocked.
0
 

Author Comment

by:KZim
ID: 24438148
After reading some other posts, I've monitored ISA (ISA 2004) to see if things are being blocked for these senders, etc.  I am seeing a lot of the following denial/error:

"A connection was abortively closed after one of the peers sent a RST segment"  And it shows it is an
fwx_e_abortive_shutdown

I read one post on this site that discusses this, but it referred to turning off reverse DNS on exchange, which I don't have on and I'm still having this issue.

Any thoughts?
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now