Solved

troubleshooting exchange sending issues

Posted on 2009-05-19
16
223 Views
Last Modified: 2012-05-07
One of our clients is having trouble sending email to certain domains.

We are running windows server 2003 and exchange sp2.

As far as I can see we have everything configured correctly - we have a fixed ip, our reverse dns corresponds correctly with our servers FQDN and everything else is working fine.

I have also checked our IP against blacklists using this tool:
http://www.mxtoolbox.com/blacklists.aspx
Everyone seems ok (no listings).


However, they are getting emails bounce back when sent to certain domains.

As an initial test, I found the mx records for a particular problem domain, I pinged it from the server and from a remote machine (both returned the same ip, and response time seemed fine).
Then I telneted into the remote mail server, on a machine outside the company it connected without any problem, but from the server, it would not connect to the remote mail server - it just timed out.

Just wondering if this gives an indication of whats wrong, or what would the next troubleshooting steps be?
0
Comment
Question by:davids355
  • 7
  • 6
  • 3
16 Comments
 
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 24421221
Can you verify if that domain is Blacklisted or not and are you able to do a telnet session to that server with its IP.
0
 
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 24421233
Can you verify if your are able to drop an email using telnet.
0
 
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 24421245
Can you send mails to that domain user from External account?
0
 
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 24421251
0
 
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 24421257
Do you get any NDR?
0
 

Author Comment

by:davids355
ID: 24422395
I canot open a telnet session to the server from our servers ip, I try and connect and it just shows a black screen, then goes back to command prompt (so im assuming its just timing out).

I CAN telnet to the server from outside our network (so sort of confirms its a comms problem from our server to theres).

I have checked blacklists, we are not on any.

We do get ndrs, they say the following:

did not reach the following recipient(s):

***** on Tue, 19 May 2009 12:35:55 +0100
    Could not deliver the message in the time limit specified.  Please retry or contact your administrator.
    <ourFQDN #4.4.7>

I normally find that when there is a blocking issue, we normally get a message either in the ndr, or when I try and telnet. But as there is no error message as such, Im assuming theres some sort of time-out issue? Just dont know how to troubleshoot any further...
0
 

Author Comment

by:davids355
ID: 24422426
http://support.microsoft.com/default.aspx?scid=kb;en-us;300171

Regarding this article, we do have a correctly configured RDNS record (nslookup gives our servers FQDN in return from our ip address).
0
 
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 24422544
Is there any Spam filter or IMF or any antispams set that might have some rules that might be blocking this connection ?
0
Integrate social media with email signatures

Is your company active on social media? Do you also use email signatures? Including social media icons in your email signature is a great way to get fans for free. Let all your email users know you’re on social media quickly and easily, in a single click.

 

Author Comment

by:davids355
ID: 24423424
we have imf setup, thats about it. But would that effect outgoing mail?
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24424470
Timeouts are hard to diagnose, as there could be any number of reasons for those, the bulk of them outside of your control.
Can you telnet to the MX records of the remote domains? If not then that would point to a routing or connectivity issue.

Simon.
0
 

Author Comment

by:davids355
ID: 24427374
no we cant telnet to the mx records of the remote domain.
So I guess it does point to a connectivity issue. now that you mention that, i think i had that problem before and someone on experts exchange helped me to create a connector that solved the problem, cant remember how we done it though.

Also, why should we be having these issues? We do have dns setup on the server, but all external dns resolution is forwarded to our router which in turn goes through BT servers, so shouldnt really be an issue there (also we can successfully ping the FQDN of the remote mx servers so doesnt seem to be a dns issue.) Its just really strange...
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24429758
Ping means nothing.
It just shows that a packet leaves your server and is returned by something at the other end. Doesn't tell you if it is a router or the server itself. As a troubleshooting tool ping is close to useless.

If you cannot telnet to port 25 of the MX record host name then that means either the server isn't available, you cannot reach it or they are blocking you.

Have you tested the server with one of the public internet based MX testing tools to verify it isn't a more widespread problem?

Otherwise an SMTP Connector to route email via another SMTP server, like your ISPs is the usual way to get around a block. http://www.amset.info/exchange/smtp-connector.asp

Simon.
0
 

Author Comment

by:davids355
ID: 24430919
ok fair enough. What I really meant by ping was that it returns the correct ip for the fqdn of the remote server. So ruled out dns issues.

As for telneting in, I can successfully telnet from within another network, so I assume it is a problem specific to our network.
0
 

Author Comment

by:davids355
ID: 24430992
Today I have re-checked the server ip for blacklists - and it is listed on a few. accordingly, When telneting into some other mail servers I am getting a message saying that we are listed.

In particular, we are listed on http://www.spamhaus.org CBL; it shows a machine in our network has a virus. The date of listing is today.

I checked all major blacklists yesterday and we definately wernt listed.

My question is this:

Is it possible (even we wernt on any blacklists yesterday) that a mail server could have started blocking our connection attempts because of this?
0
 
LVL 65

Accepted Solution

by:
Mestha earned 500 total points
ID: 24432186
Depending on the server setup, they could be using a blacklist to stop all connections. Most blacklist use though is done after the connection, so you would get an NDR to tell you it had failed.

If you are blacklisted then you need to deal with that first.

Simon.
0
 

Author Closing Comment

by:davids355
ID: 31582958
sorted blacklists all seems ok now
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
This video discusses moving either the default database or any database to a new volume.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now