Solved

Mail Continually Bounces to one domain, can't figure it out, Exchange 2007 Server

Posted on 2009-07-08
9
296 Views
Last Modified: 2013-11-30
We get the following NDR:

Delivery has failed to these recipients or distribution lists:

user@domain.com
Microsoft Exchange has been trying to deliver this message without success and has stopped trying. Please try sending this message again, or provide the following diagnostic text to your system administrator.

#550 4.4.7 QUEUE.Expired; message expired ##

Please help!  Which diagnostics can i use in Exchange 2007 to see where this message is stopping and what the hold up is.
0
Comment
Question by:LB1234
  • 5
  • 4
9 Comments
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 500 total points
Comment Utility
The message means what it says - it has expired. Could be any number of reasons for that, the bulk of which is outside of your control.

You need to do an nslookup on the domain to get the MX records and then see if you can connect to the MX record host nme using telnet to port 25.


For example... and old lookup for microsoft.com:

C:\>nslookup
Default Server:  server.domain.co.uk
Address:  192.168.1.1

> set type=mx
> microsoft.com
Server:  server.domain.co.uk
Address:  192.168.1.1

Non-authoritative answer:

microsoft.com   MX preference = 10, mail exchanger = mailc.microsoft.com
microsoft.com   MX preference = 10, mail exchanger = maila.microsoft.com
microsoft.com   MX preference = 10, mail exchanger = mailb.microsoft.com

maila.microsoft.com     internet address = 131.107.1.7
maila.microsoft.com     internet address = 131.107.1.6
mailb.microsoft.com     internet address = 131.107.3.123
mailb.microsoft.com     internet address = 205.248.102.77
mailc.microsoft.com     internet address = 205.248.102.78
mailc.microsoft.com     internet address = 205.248.102.79
>

When you have the MX server information, see if you can telnet to port 25 of the remote server.

For example (using the above information)
telnet maila.microsoft.com 25



Simon.
0
 
LVL 1

Author Comment

by:LB1234
Comment Utility
Thanks Simon, but unfortunately I got the following:

220 Postini ESMTP 260 y6_19_2c0 ready.  CA Business and Professions Code Section
 17538.45 forbids use of this system for unsolicited electronic mail advertiseme
nts.
0
 
LVL 1

Author Comment

by:LB1234
Comment Utility
So apparently they're blocking us somehow by IP address?
0
 
LVL 65

Expert Comment

by:Mestha
Comment Utility
That is just the standard Postini banner.
Did you do the test from the Exchange server?

If they were blocking your email you wouldn't get an expired message - expired means Exchange was unable to connect, not that the connection was rejected.

Simon.
0
Are your corporate email signatures appalling?

Is it scary how unprofessional your email signatures look? Do users create their own terrible designs and give themselves stupid job titles? You can make this a lot easier for yourself by choosing an email signature management solution from Exclaimer today.

 
LVL 1

Author Comment

by:LB1234
Comment Utility
i didn't do the test from the exchange server.  will do so now.  Here is what i get:

220 ***************************************************************************************************************************************************************************************************************************************************************************************************************************************************************
0
 
LVL 65

Expert Comment

by:Mestha
Comment Utility
You have a PIX, or something like that.
Disable fixup SMTP or whatever it is called on the ASA.

Simon.
0
 
LVL 1

Author Comment

by:LB1234
Comment Utility
Simon, we actually have two exchange 2007 servers (transitioning from the old box to the newer one).  The mailboxes are all on the new server, but the old server is actually the one that talks to our PIX, and routes mail for the new server.  Could this be part of the problem?
0
 
LVL 65

Accepted Solution

by:
Mestha earned 500 total points
Comment Utility
As long as the server receiving the email has the hub transport role installed, then it will be fine. Exchange doesn't care which server the email is delivered to. Once it hits Exchange, Exchange deals with the delivery of the message between the servers.

Simon.
0
 
LVL 1

Author Comment

by:LB1234
Comment Utility
The fix for this was strange, and I'm listing it here in hopes that it helps someone else in the future.  Like I mentioned, we had two exchange 2007 servers.  On the newer of the two servers, (but not the one through which mail was making it to the outside world, this was filtered through the older E2k7 server), I had to go to Organization Configuration > Hub Transport > Global Settings > Message Delivery Tab > And here I entered in the IP address of the other E2k7 server.  Then it worked like a charm.  The text related to the IP entry was "Enter the IP addresses of internal SMTP server.  These addressed will be ignored by the Sender ID and connection Filtering:"

0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Familiarize people with the process of utilizing SQL Server views from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Microsoft Access…
This video discusses moving either the default database or any database to a new volume.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now