Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Exchange 2003 Server intermittent NDR issues.  Bizarre, and can't track down.

Posted on 2009-07-09
5
Medium Priority
?
435 Views
Last Modified: 2012-08-14
I am having the hardest time tracking down an intermittent problem.  

I am running Exchange Server 2003 on a Server 2003 Standard installation which is also the Domain Controller.

Recently, we moved our DNS registration for our domain from Network Solutions to GoDaddy (ostensibly to "consolidate" a number of different domain names).  Ever since, we have been receiving intermittent, seemingly random NDR's generated by our server that give the following codes:

The following recipient could not be reached:
      USER NAME on 7/9/2009 10:25 am
          There was a SMTP communication problem with the recipient's e-mail server.  Please contact your system administrator.
          <mailserver.mydomain.local #5.5.0 smtp; 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)>

The user who sent this e-mail (which was a reply with an attachment) sent another e-mail that was new to this same recipient and it went through 2 minutes later.  She then sent another reply (at my request) and IT went through, not 10 minutes after that.

I have also been getting these:

The following recipient(s) could not be reached:

 

      USER NAME on 7/6/2009 8:39 AM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            <3dogkcntwolf.ThreeDog.local #5.5.0 smtp;530 authentication required for relay (#5.7.1)>

After the user re-sends this one, it goes as well.  So, the problem is intermittent, but it is happening often enough that it is causing serious issues, enterprise-wide.

Any ideas what this could be?
0
Comment
Question by:clenh2o
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 40

Expert Comment

by:Subsun
ID: 24816954
Remote server is rejecting your connection for some reason. Or a possible issue with the remote server. NDR can be customized therefore may not tell you the exact reason.

To save your time, what I would suggest: before assuming things and taking action to correct this issue at your server. I would suggest you to contact remote email administrator to find out what is the exact cause of this issue. You may ask them to verify their inbound logs and provide the exact cause of rejection. Once you know the exact reason you can take necessary action to resolve it.

You can also refer the articles to get more details on MX records and to verify your configuration.
http://www.petri.co.il/configure_mx_records_for_incoming_smtp_email_traffic.htm
http://www.computerperformance.co.uk/exchange2003/exchange2003_MX_records.htm
http://www.amset.info/exchange/dnsconfig.asp
0
 
LVL 40

Expert Comment

by:Subsun
ID: 24816973
0
 
LVL 1

Author Comment

by:clenh2o
ID: 24859715
Subsun,

The e-mails that are being rejected are to many different parties.  The e-mail gets through upon a retry.  The failure appears to be transient at best.  I can never get the e-mail to fail the same way twice.  Occasionally, the same recipient will casue a NDR rejection to appear, but only days apart.  And again, upon resend, the e-mail goes through.  About one in every 150 e-mails or so is getting bounced.  Soem of these e-mails are in distribution groups, some are not.  Some are replies to e-mails they have received, others are original e-mails.

I have run the tests suggested.  Here are my results.

http://www.checkdns.net/quickcheckdomainf.aspx:    All MX are configured properly

http://www.mxtoolbox.com/index.aspx:  No blacklist listings, 6.968 seconds - Warning on Transaction Time.  

http://www.dnscolos.com/free-dns-report.html:  All passed.

So, one test sent a warning on Transaction Time, and it did it EVERY single time I ran the test.  Could this be a TTL thing?  Servers are timing out on replies?  But even so, why generate an authentication NDR?

Thanks in advance.


0
 
LVL 40

Accepted Solution

by:
Subsun earned 1500 total points
ID: 24859977
It is nothing related to TTL, It is the time taken to get a response from your server.. are you using tarpitting or some thing like that as a SPAM filtering techniques?
NDR May not tell you the exact reason since it can be customized. I would suggest you to enable SMTP logging to troubleshoot this issue. SMTP log can tell you something.
And as I said earlier, instead of assuming things just contact the remote admin and get the exact reason for failure and fix the issue.. This is what I do to fix such issues. :-)
Also check this post..
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_22829222.html 
0
 
LVL 1

Author Comment

by:clenh2o
ID: 24872495
I am using tarpitting.  It is a time issue.  I verified this with SMTP logging and am getting time-out errors.  I did not contact remote admins as this was not an issue with their end.   Also, I found that GoDaddy places a bunch of default cnames in our domain control panel that are supposed to catch mail from alternate, likely addresses.  I removed these and this completely resolved my time-out issues.  There HAD to have been a DNS discrepancy, which now appears to be resolved.  I have not received a bounceback or a NDR in 29 hours.
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam® is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question