lomaree
asked on
emails not being recevied from specific domains
Hi Experts,
we have recently upgraded our exchange from 2003 to 2007 , everything went smooth and all migration was perfect. but we are facing an issue which we cannot understand the reason for. the problem is that there are some domain we cannot recevie emails from also in some cases it is just specific sender from that domain e.g. which i am about to share with you all. our employee using gmail sends an email to his own email inside the organization, doesn't get recevied. If I myself send an email to my own email address inside the organization, get recevied.
Exchange 2007 SMTP recevie connector log shows that when the user send using gmail the connection was made from gmail server but when the session closes with "Remote" where as with my email the log closes with "service closing transmission channel" and "Local". apperantly my email is seen in the inbox where as his email does not reach his inbox at all.. disappeared in thin air.
logs are attached for reference
addtionally, if you look into the log you will observe that the message was recevied but it didn't got queued for delivery.
by the way we have two server , one HUB/CAS and second Mailbox
recevied.txt
unable-to-recevie.txt
we have recently upgraded our exchange from 2003 to 2007 , everything went smooth and all migration was perfect. but we are facing an issue which we cannot understand the reason for. the problem is that there are some domain we cannot recevie emails from also in some cases it is just specific sender from that domain e.g. which i am about to share with you all. our employee using gmail sends an email to his own email inside the organization, doesn't get recevied. If I myself send an email to my own email address inside the organization, get recevied.
Exchange 2007 SMTP recevie connector log shows that when the user send using gmail the connection was made from gmail server but when the session closes with "Remote" where as with my email the log closes with "service closing transmission channel" and "Local". apperantly my email is seen in the inbox where as his email does not reach his inbox at all.. disappeared in thin air.
logs are attached for reference
addtionally, if you look into the log you will observe that the message was recevied but it didn't got queued for delivery.
by the way we have two server , one HUB/CAS and second Mailbox
recevied.txt
unable-to-recevie.txt
ASKER
Hi Alan,
I'll check the message tracking and we have mcafee anti-virus 8.7 installed and we have already excluded all the directories of exchange from anti-virus to scan it or do anything with it.
I'll check the message tracking and we have mcafee anti-virus 8.7 installed and we have already excluded all the directories of exchange from anti-virus to scan it or do anything with it.
Okay - thanks for the feedback. Check the message trackjing to see if the messages arrive. If they don't then that's one problem, but if they do, then disappear, that's another.
ASKER
message tracking does not show that message at all, only smtp logs shows that the sender email server connected , authorized authenticated , submitted the message and gone without get a proper closing transmission.. check the logs and you will know what I am talking about.
If the log shows that there is no proper close, then it sounds like it is being rejected or there is a communication issue. As others are flowing properly, then it sounds like it may be getting rejected.
Have you got the built-in Spam Filtering or are you using 3rd party Anti-Spam software on the server?
Have you got the built-in Spam Filtering or are you using 3rd party Anti-Spam software on the server?
ASKER
Yes we have 3rd party Anti-Spam software "GFI" but we even uninstalled it and tried and same results i.e. same domain to different senders from one is recevied and from the second one it is not recevied. so if it was the communication issue then both should not be recevied. why one sends and everytime he/she sends it is recevied but the second one is not recevied no matter what he/she does... weird.
Unfortunately, if the message tracking is not showing the message at all then it is not reaching your server fully, so either something is intercepting it before it can complete the send or it is getting rejected by your server for some random reason.
Are you using the built-in Exchange Anti-Spam tools in addition to the GFI mail-Essentials tools?
Are you using the built-in Exchange Anti-Spam tools in addition to the GFI mail-Essentials tools?
ASKER
bulti-in exchange anit-spam.. which is that? we are only using GFI mail-essentials and mail-security only.. recently I contacted microsoft and they adviced to uninstall the GFI so I did and was running a forefront 2010 for exchange to control the spam but nothing happened I mean same problem appeared.
What I cannot understand it that why one gets through and as many times as u send it and one does not as many times as you send... what is so special for that one user and other is not.
What I cannot understand it that why one gets through and as many times as u send it and one does not as many times as you send... what is so special for that one user and other is not.
Built-In Exchange Anti-Spam:
Are you still running Forefront or have you uninstalled it?
Yes - there is no logic to it yet - but if we can work out why - they the logic may appear!
- http://support.microsoft.com/kb/555924
- http://technet.microsoft.com/en-us/library/aa996604(EXCHG.80).aspx
- http://www.msexchange.org/articles_tutorials/exchange-server-2007/security-message-hygiene/exchange-server-2007-spam-filtering-features-without-using-exchange-server-2007-edge-server.html
Are you still running Forefront or have you uninstalled it?
Yes - there is no logic to it yet - but if we can work out why - they the logic may appear!
ASKER
mail-security is anti-virus and mail-essential is anti-spam.
yes we still have forefront installed and running
yes we still have forefront installed and running
Okay - please remove Forefront, McAfee and GFI. Reboot the server and then test mail-flow.
Once the server is clean of intefering products, you may see the mail arrive. It is not enough to disable the products - they have to be removed I am afraid.
Once the server is clean of intefering products, you may see the mail arrive. It is not enough to disable the products - they have to be removed I am afraid.
ASKER
Okay i'll do once back in the office.
lets see
lets see
Thanks - will await your feedback.
ASKER
Hi
Unistalled Forefront, GFI and Mcafee and tried with same results , logs speak the same thing. :S
Unistalled Forefront, GFI and Mcafee and tried with same results , logs speak the same thing. :S
Okay - thanks. At least that should prove the problem is not the server.
What router do you have and what firmware version do you have?
Is your Exchange server on Service Pack 2 for Exchange yet?
Is the server up-to-date with updates.
Can you send a test message (the same message that fails to you) to me at alan @ it-eye.co.uk please.
What router do you have and what firmware version do you have?
Is your Exchange server on Service Pack 2 for Exchange yet?
Is the server up-to-date with updates.
Can you send a test message (the same message that fails to you) to me at alan @ it-eye.co.uk please.
Hi
Does reverse DNS exist for your domain?
You can check this at http://mxtoolbox.com and choose diagnostics and type in your ip address
Or http://www.hq42.net/net_tools/index.php and choose Reverse Lookup
Some Domains will not send the e-mail if the reverse DNS test fails
Does reverse DNS exist for your domain?
You can check this at http://mxtoolbox.com and choose diagnostics and type in your ip address
Or http://www.hq42.net/net_tools/index.php and choose Reverse Lookup
Some Domains will not send the e-mail if the reverse DNS test fails
ASKER
we have router 3361 router and ASA 5520 and IPS tipping point , versions are
3361 : c3660-i-mz.123-11.T.bin
ASA5520 : asa722-k8.bin
IPS : 2.5.5.6994
we dont have yet sp2 installed but have roll up 9 installed
2003 x64 sp2 installed and updated
3361 : c3660-i-mz.123-11.T.bin
ASA5520 : asa722-k8.bin
IPS : 2.5.5.6994
we dont have yet sp2 installed but have roll up 9 installed
2003 x64 sp2 installed and updated
Your Cisco has SMTP fixup enabled which may be causing the problems - please turn this off and then re-test.
mail.yourdomain.com.qa claims to be invalid hostname '*************************
This is classic SMTP fixup and causes mail-flow problems.
mail.yourdomain.com.qa claims to be invalid hostname '*************************
This is classic SMTP fixup and causes mail-flow problems.
ASKER
Hi Alan,
I had done this but same results and also the version which I am running on ASA is the one which covered this problem, i mean in older version there was a bug with SMTP fixup which causes the ASA to even reboot.
but i didn't understand you point that our mail server claims to be invalid.... how ?
I had done this but same results and also the version which I am running on ASA is the one which covered this problem, i mean in older version there was a bug with SMTP fixup which causes the ASA to even reboot.
but i didn't understand you point that our mail server claims to be invalid.... how ?
ASKER
hi malcou,
I have checked the reverse DNS and things are fine ... this was one of the first thing i had done..
I have checked the reverse DNS and things are fine ... this was one of the first thing i had done..
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi
Well I have remove it and I am going to try with those domain
Well I have remove it and I am going to try with those domain
ASKER
Hi Alan
It worked, I removed it n restarted the ASA n all emails came in... WOooo.. thanks alot . u r an exchange guru..
It worked, I removed it n restarted the ASA n all emails came in... WOooo.. thanks alot . u r an exchange guru..
Great news - glad you are sorted.
Thanks for the points.
Thanks for the points.
http://www.msexchange.org/tutorials/Exchange-2007-Message-Tracking-Part1.html
What Anti-Virus software do you have installed on your server? Usually this can be caused by Anti-Virus / Anti-Spam software interfering.