Solved

Email for certain senders being rejected

Posted on 2009-05-13
Last Modified: 2012-05-06
I have an SBS2003 server running both Exchange and ISA.  About a month ago, certain senders' email started to be rejected.  They are getting the following message back:

"[xxx.xxx.xxx.xxx] #<[xxx.xxx.xxx.xxx] #5.0.0 smtp; 5.4.7 - Delivery expired (message too old) [Default] '[Errno 54] Connection reset by peer' (delivery attempts: 69)> #SMTP#

I've used the message tracking center to find the emails and they do not exist so I know they are not getting that far.  I also had the sender have someone else in his organization send an email to see if we were blocking him for some reason but it appears to be the domain.  Messages are not being blocked by the intelligent message filter either.

Only change about the same time was I went from using DynDNS to a static IP address on the DSL modem.  I only have one MX record in the DNS and it is pointing to the IP on the DSL modem.  I heard of one other sender getting this error too from a different domain, but the majority of mail is coming through with no problem.

I'm struggling to figure out where to look to see why these keep being rejected.  Thanks in advance for the help!
0
Question by:KZim
10 Comments
 
LVL 6

Accepted Solution

by:
nettek0300 earned 260 total points
You may need to have a reverse DNS lookup put on your static IP.  Many of the big companies (Comcast, AOL, etc.) use spam filters that require the reverse DNS lookup in order to receive the email.  If you do not have the reverse DNS, the email will not go through.  The best way to find out if you have this is to go to www.dnsstuff.com and put your static IP address in to see if it has a reverse lookup entry (should be host.domain).
0
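What "has a reverse lookup entry" means in practice, as an added example that is not part of the original answer: the PTR record for the IP should name a host whose A record points back to the same IP. The function and parameter names, the 192.0.2.x addresses and the stub records are assumptions constructed for the example; `mail.foo.com` is the placeholder host name used later in the thread.

```python
import socket

def lookup_ptr(ip):
    """Real PTR lookup; returns None when the IP has no reverse entry."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def lookup_a(host):
    """Real forward lookup; returns the IPv4 addresses published for host."""
    try:
        return socket.gethostbyname_ex(host)[2]
    except OSError:
        return []

def check_reverse_dns(ip, ptr_lookup=lookup_ptr, a_lookup=lookup_a):
    """Return (ptr_name, verdict) for a forward-confirmed reverse DNS check."""
    name = ptr_lookup(ip)
    if not name:
        return (None, "no PTR record")
    name = name.rstrip(".").lower()
    # The PTR only counts if the name it returns maps back to the same IP.
    if ip in a_lookup(name):
        return (name, "forward-confirmed")
    return (name, "PTR does not resolve back to the IP")

# Constructed records for an offline run (not real DNS data).
FAKE_PTR = {"192.0.2.10": "mail.foo.com.", "192.0.2.11": "dsl-11.isp.example."}
FAKE_A = {"mail.foo.com": ["192.0.2.10"], "dsl-11.isp.example": ["198.51.100.1"]}

def offline_demo():
    """Run the check against the constructed records instead of live DNS."""
    return {ip: check_reverse_dns(ip, FAKE_PTR.get, lambda h: FAKE_A.get(h, []))
            for ip in ("192.0.2.10", "192.0.2.11", "192.0.2.12")}

if __name__ == "__main__":
    for ip, result in offline_demo().items():
        print(ip, result)
```

Calling `check_reverse_dns("your.static.ip")` with no stub arguments queries live DNS instead of the constructed tables.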
 
LVL 7

Assisted Solution

by:LANm0nk3y
LANm0nk3y earned 70 total points
Expanding on what nettek0300 said: if you're using AT&T or SBC you need to send an email to the DNS team.
Here's the reference: http://www.dslreports.com/faq/11970

You can also use mxtoolbox.com if your IP is on a blacklist.
0
 
LVL 10

Assisted Solution

by:Korbus
Korbus earned 170 total points
If your problem is not receiving INBOUND mail, which is what I got, I would start by checking your anti-spam software.  You can also check the DNS blacklists for those particular domains you do not receive.
http://www.mxtoolbox.com/blacklists.aspx
You'll need to figure out their email server's IP address, which may require some DNS lookup work.
0
 

Author Comment

by:KZim
Thanks for the feedback.  Checked and am not blacklisted, but do not have a reverse DNS set up.  Need to get a hold of Qwest.

Help me understand two things:  First, this is someone outside my organization sending to me, and their email is being rejected as it is coming into me.  You're thinking it's because our ISP is rejecting it because our static IP doesn't have reverse lookup?

Second, what do I request in the reverse lookup?  Our domain name (i.e. foo.com) or the A record mail.foo.com that points to the static IP address on my DSL modem (fronting the Exchange server)?  I'm thinking the mail.foo.com because that's what's built in DNS, right?

Thanks again!
0
 
LVL 6

Assisted Solution

by:nettek0300
nettek0300 earned 260 total points
If it is inbound emails that you are not receiving, the problem may actually be the reverse of what I said.  Qwest may be blocking the senders for some reason, possibly because they do not have a reverse lookup.  I misunderstood the question.  I thought you were having trouble sending out.  In either case, I would go back to Qwest and explain the situation to them.  It would be handy to have a list of rejected senders and/or sender domains to give them.
0
 
LVL 7

Assisted Solution

by:LANm0nk3y
LANm0nk3y earned 70 total points
I would check to see if your port 25 is open from your ISA rules. That's if you're using ISA for packet filtering (firewall).  Otherwise, you can check your firewall if it's blocking TCP port 25.  You can do this from a remote location by following this guide: http://support.microsoft.com/kb/153119 [Don't think this is really your problem, but it doesn't hurt to check]

If you fixed this, the next thing you should do is check if your MX is set up correctly on the NS of your domain. This depends on if you're using their name server or not, or if you're using your own (which I highly doubt due to security issues and whatnot).  [Don't think this one is either]

If all these are correct, then do you have a spam filter in place?  Intelligent Message Filter does not show in the message tracking, at least I don't think.  However you can set your virtual SMTP to log errors and you can see if there are any clues there.  You may need to open the log in Excel, because it's space delimited.  The other thing you can do is find out the sender's email server and put the IP in the RBL server you are using in your Intelligent Message Filter or use MXtoolbox.com.
0
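One way to review the space-delimited SMTP virtual server log mentioned above without Excel, added here as an example and not code from any poster in the thread. It assumes W3C extended logging with the `c-ip`, `cs-method` and `sc-status` columns enabled; the log lines, addresses and function names are constructed for the example.

```python
from collections import defaultdict

# Constructed sample (not from the thread). Real logs list whichever columns
# are enabled, so the parser takes the column names from "#Fields:".
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-query sc-status
2009-05-13 14:02:11 203.0.113.25 EHLO +mail.example.net 250
2009-05-13 14:02:11 203.0.113.25 MAIL +FROM:<bob@example.net> 250
2009-05-13 14:02:12 203.0.113.25 RCPT +TO:<user@foo.com> 250
2009-05-13 14:02:12 203.0.113.25 DATA - 250
2009-05-13 14:02:13 203.0.113.25 QUIT - 221
2009-05-13 14:05:40 198.51.100.7 EHLO +mx.example.org 250
2009-05-13 14:05:41 198.51.100.7 MAIL +FROM:<amy@example.org> 250
2009-05-13 14:05:41 198.51.100.7 RCPT +TO:<user@foo.com> 550
2009-05-13 14:09:02 192.0.2.44 EHLO +out.example.com 250
"""

def parse_w3c(text):
    """Yield one dict per log entry, keyed by the #Fields: column names."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated lines
                yield dict(zip(fields, values))

def problem_clients(text):
    """Map client IP -> reason, for clients refused or that never reached DATA."""
    verbs = defaultdict(list)
    refused = {}
    for entry in parse_w3c(text):
        ip = entry["c-ip"]
        verb = entry.get("cs-method", "-").upper()
        status = entry.get("sc-status", "")
        verbs[ip].append(verb)
        # 4xx and 5xx replies mean the server itself turned the command down
        if status.isdigit() and status[0] in "45" and ip not in refused:
            refused[ip] = "refused at %s with %s" % (verb, status)
    report = dict(refused)
    for ip, seen in verbs.items():
        if ip not in report and "DATA" not in seen:
            report[ip] = "session stopped after %s" % seen[-1]
    return report

if __name__ == "__main__":
    for ip, reason in problem_clients(SAMPLE_LOG).items():
        print(ip, reason)
```

A sending server that never appears in this log at all did not reach the SMTP service, so the place to look is in front of it (firewall or ISP) rather than in Exchange.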
 

Author Comment

by:KZim
I did find out that Qwest allows you to configure your reverse DNS yourself at www.qwest.net/account_tools/dns

Can someone validate my other question of what do I request in the reverse lookup?  Our domain name (i.e. foo.com) or the A record mail.foo.com that points to the static IP address on my DSL modem (fronting the Exchange server)?

I'm thinking the mail.foo.com because that's what's built in DNS, right?  But want to get this right.

Thanks!
0
 
LVL 10

Assisted Solution

by:Korbus
Korbus earned 170 total points
If it's inbound mail that's a problem, reverse DNS, and YOU being on a blacklist, is *irrelevant*.
Your spam blocker or ISP may be blocking the sender if THEY are on a blacklist tho.
0
 
LVL 6

Assisted Solution

by:nettek0300
nettek0300 earned 260 total points
Korbus is correct.  Reverse DNS is irrelevant with inbound issues.  If you are not having trouble sending email, I would not worry about the reverse DNS.  You need to go to Qwest and find out why your senders are getting blocked.
0
 

Author Comment

by:KZim
After reading some other posts, I've monitored ISA (ISA 2004) to see if things are being blocked for these senders, etc.  I am seeing a lot of the following denial/error:

"A connection was abortively closed after one of the peers sent a RST segment", and it shows it is an fwx_e_abortive_shutdown.

I read one post on this site that discusses this, but it referred to turning off reverse DNS on exchange, which I don't have on and I'm still having this issue.

Any thoughts?
0
