• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 884
  • Last Modified:

Cannot send mail to AOL

Hello my newly installed Exchange 2007 server cannot send mail to AOL accounts. Our domain name is holyapostlescc.org. Our reverse DNS seems to check out as well as our SPF record.

We are using a 3rd party spam filter, but that should be only affecting incoming mail.

When anyone in the organization sends mail to an AOL address, we either get a bounce back or a message stating the delivery has been delayed.

Anybody got any ideas?
0
polizei11
Asked:
polizei11
  • 22
  • 20
  • +1
1 Solution
 
Alan HardistyCo-OwnerCommented:
Please have a read of my FAQ for this exact problem:
http://www.it-eye.co.uk/faqs/readQuestion.php?qid=2
0
 
polizei11Author Commented:
Ran through all the checks on your FAQ, and everything checks out ok. Reverse DNS matches, SPF record is there and validated, and not listed on any blacklists. Any other solutions?
0
 
Alan HardistyCo-OwnerCommented:
Hmmm.  I was hoping something was missing.

Nevermind.  Can you please post an NDR message (hide pertinent domain info if you don't want this available on the web).

Thanks

Alan
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
chilidsCommented:
CAn you post the reason for the bounce back?  Typically all of the things that could cause a bounce are addressed the the above FAQ (very nicely put Alanhardisty).  But I have seen AOL block emails that came from an IP pool.  One of my clients had a static IP with proper DNS in all aspects and still could not send to AOL.   They would recieve a delay and then later a NDR.  The problem ended up being the way their ISP handled IP leasing so that even though they were a static IP they were still being blocked.  Most ISP's do not have this problem so this may not be your issue but something that is possible
0
 
polizei11Author Commented:
Working on getting a NDR, but this client has static IPs provided by Cbeyond. Here at my office I also use Cbeyond (along with multiple other clients) and have never had this problem. Could there be something in my exchange setup causing this issue?
0
 
Alan HardistyCo-OwnerCommented:
Please send me a test message to alan @ it-eye.co.uk and I'll see if you pass my spam filtering / configuration checks.

Please advise once you have sent a message.
0
 
polizei11Author Commented:
Test message sent
0
 
Alan HardistyCo-OwnerCommented:
Will watch out for it. You will get temporarily rejected (greylisting in action).
0
 
polizei11Author Commented:
NDR <emailee's address.aol.com>
Microsoft Exchange has been trying to deliver this message without success and has stopped trying. Please try sending this message again, or provide the following diagnostic text to your system administrator.

at the bottom it lists the following as Diagnostic information for administrators:
<emailee's address.laol.com>
#550 4.4.7 QUEUE.Expired; message expired ##
0
 
polizei11Author Commented:
NDR <emailee's address.aol.com>
Microsoft Exchange has been trying to deliver this message without success and has stopped trying. Please try sending this message again, or provide the following diagnostic text to your system administrator.

at the bottom it lists the following as Diagnostic information for administrators:
<emailee's address.aol.com> <sp>
#550 4.4.7 QUEUE.Expired; message expired ##
0
 
Alan HardistyCo-OwnerCommented:
I got your email so your server / domain is setup properly.

Have you tried testing the mailflow to aol via telnet?

http://support.microsoft.com/kb/323350

Please wrap the email addresses with < > brackets.
0
 
polizei11Author Commented:
In trying this when I do the rcpt to:<testaccount>@aol.com
I get 550 5.7.1 Unable to relay

I get the exact same message when doing rcpt to:<my email>(which I know they can send to)

I only get rcpt ok when I use an email address that is within their organization
0
 
Alan HardistyCo-OwnerCommented:
You need to put  not @yourdomain.com
0
 
polizei11Author Commented:
Still get unable to relay when I type:

rcpt to:<testaccount@aol.com>
0
 
gmbaxterCommented:
If you have tried a manual telnet email to AOL and this has failed then it would suggest that you have been blocked by them.

I have experienced it before where a mail server was blocked by AOL by IP, hence it not showing up as being on a black list when this was checked.

Fill in this form (http://postmaster.aol.com/waters/sa_form.html) and give an alternative email contact address (e.g. gmail or hotmail). AOL will respond within 24-48 hours and should get you sorted out if the problem is at their end.
0
 
Alan HardistyCo-OwnerCommented:
Checking your ip address comes back fine. Testing your domain name comes back fine.

Telnetting to your server tells me that your server is called limbo.hacc4.local which is incorrect and should be changed to mail.yourdomain.org

This may be your problem with aol.

Please open up exchange management console, expand the organisation configuration then click on Hub Transport.

Click on the send connectors tab and then double-click on the smtp connector then change the fqdn name as above.
0
 
polizei11Author Commented:
In the send connector our FQDN is listed as mail.holyapostlescc.org
0
 
polizei11Author Commented:
Our local name of the server is limbo.hacc4.lcl but the external name in the Send Connector is listed as mail.holyapostlescc.org
0
 
Alan HardistyCo-OwnerCommented:
Not when I telnet to the ip address that sent me mail.
0
 
Alan HardistyCo-OwnerCommented:
What does your receive connector show?  It should be the same.
0
 
polizei11Author Commented:
Is there another place to change it?

Have included a screenshot
Untitled.jpg
0
 
polizei11Author Commented:
There is a Default recieve connector that lists the FQDN as limbo.hacc4.local
There is also a Client recieve connector that lists the FQDN as mail.holyapostlescc.org

I believe it is set to only use the client recieve connector, but i can change the default connector to read the same. Should I?
0
 
Alan HardistyCo-OwnerCommented:
Yes please.
0
 
polizei11Author Commented:
When I try to change that from limbo.hacc4.local to mail.holyapostlescc.org I get this message:

--------------------------------------------------------
Microsoft Exchange Error
--------------------------------------------------------
The following error(s) occurred while saving changes:

set-receiveconnector
Failed
Error:
When the AuthMechanism parameter on a Receive connector is set to the value ExchangeServer, you must set the FQDN parameter on the Receive connector to one of the following values: the FQDN of the transport server "Limbo.HACC4.local", the NetBIOS name of the transport server "LIMBO", or $null.
--------------------------------------------------------
OK
--------------------------------------------------------
0
 
Alan HardistyCo-OwnerCommented:
Please uncheck the Exchange Servers from the Permission Groups Tab on the Receive Connector then try again.
0
 
Alan HardistyCo-OwnerCommented:
Have you called AOL?  They may be blacklisting you incorrectly.
0
 
polizei11Author Commented:
Did that, the only check is not Exchange Users, but same result, and same error message
0
 
polizei11Author Commented:
sorry meant now instead of not
0
 
Alan HardistyCo-OwnerCommented:
Hmmm.  How many receive connectors have you got?
0
 
polizei11Author Commented:
2 a Default recieve connector and a Client recieve connector.

0
 
polizei11Author Commented:
Just added info, checked my exchange server here at my office, and it has the same setup (2 receive connectors, client and default, with client using the external name and default using the internal name)
0
 
Alan HardistyCo-OwnerCommented:
Okay - what are the network settings and TCP Port numbers set on each connector please?
0
 
polizei11Author Commented:
Client Connector - (All available ips) port 587
Default Connector - (all available ips) port 25
0
 
Alan HardistyCo-OwnerCommented:
Are you receiving mail on port 587 (Secure SMTP)?
If not, you can change the Default Connector FQDN to mail.holyapostlescc.org and can set the permission groups to just allow anonymous access unless you have specific requirements.  Please document anything you change in case you need to undo the changes.
0
 
polizei11Author Commented:
No we are not recieving mail on 587, but even if I set the permission groups to just allow anonymous access. When I try and change the FQDN to mail.holyapostlescc.org it fails with the same error as before
0
 
Alan HardistyCo-OwnerCommented:
Okay - let's not worry too much about that now.
What Service Pack and Rollup have you got installed on your server currently?
0
 
polizei11Author Commented:
Server 2008 SP1 not sure about the Rollup where do I find that
0
 
Alan HardistyCo-OwnerCommented:
Control Panel> Programs and Features> View Installed Updates
0
 
polizei11Author Commented:
Doesn't list a rollup only a lot of security updates and "updates for microsoft windows"
0
 
Alan HardistyCo-OwnerCommented:
In that case, please download and install Exchange 2007 Rollup 9.  Not saying it will fix the problem, but being up-to-date should narrow the possibility that the problem lies at your end:
http://www.microsoft.com/downloads/details.aspx?FamilyID=55320be2-c65c-48bb-bab8-6335aa7d008c&displaylang=en
Exchange 2007 Service Pack 2 is also Available, but if you are running SBS (Small Business Server), this is not quite ready for SBS without some tweaking.  It should be fne for Exchange 2007 without SBS.
Start off with Rollup 9 and see where that takes you.
Did you try to contact AOL to see if they are blocking you accidentally?
0
 
polizei11Author Commented:
No response from AOL yet, will apply update and see where that gets us. Though I cannot apply the update remotely so I will have to do this tomorrow. WIll post results
0
 
Alan HardistyCo-OwnerCommented:
No problems.  Would be interested to hear what AOL have to say.
Until tomorrow then.
Alan
0
 
polizei11Author Commented:
Got ahold of AOL postmater (finally) and come to find out AOL was blocking us becuase we were new! Our IP had never sent mail before (which is true, we just installed an Exchange Server) and it appears that our block will be lifted in 24hrs. Thanks for all the help!
0
 
Alan HardistyCo-OwnerCommented:
Oh that's a good one. We will block you because you are new!!!

At least you now know.
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 22
  • 20
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now