Link to home
Start Free TrialLog in
Avatar of dwebgirl

asked on

Not able to email another domain


We started having problems emailing to an external domain.  This started happening about a month ago.  Prior to that we didn't have any problems emailing to the same domain.   We are not having any problem sending to other domains.  First we get a 'delay' notification back with SMTP 4.4.7, then we get a return notification of failure.  I can connect to the other domain through Telnet but it's not accepting other commands.  But I do get this weird response back with 220.  I also see the same thing when I look at the email in Exchange System Manager in Tracking.  I've attached a file that shows this message.  One thing I haven't been able to do because the user deleted them is look at the message header on the returned 'failure' email.

They white listed us in their Barracuda.  That didn't clear things up.  I'm not seeing anything on my end that would indicate an issue.  I've looked through the message logs and don't find anything unusual there.  They've talked to their ISP who is telling them that they're not seeing our email - not sure how reliable this information is since it's second hand.

I'm stumped, please help..... Thanks!
Avatar of dwebgirl


Also, get the following results when run SMTP test on Mxtoolbox.  Not sure if this helps or not?

 Not an open relay.
 0 seconds - Good on Connection time
 0.218 seconds - Good on Transaction time
 OK - resolves to
 Warning - Reverse DNS does not match SMTP Banner

Session Transcript:
250 SERVER01.domain.priv Hello [] [62 ms]
250 2.1.0 OK [47 ms]
550 5.7.1 Unable to relay for [47 ms]
221 2.0.0 SERVER01.domain.priv Service closing transmission channel [62 ms]
Ok, here's another update.  I can Telnet and connect into the domain's mail server and get a 250 response back to HELO command but it does not respond back to MAIL FROM: command.  Just times out and loses connection.  

is listing you on any blacklists?
When you did the telnet did you do it from your internet facing Exchange server or from another box?
Ok, this may be related to a Cisco Pix Firewall and Mailguard.  Will know further in a day or two.
What happens if you try telnet and use EHLO instead of HELO?
With EHLO - I get 500 5.5.3 unrecognized command.  With HELO I get a response 250 back.   It's after I enter the MAIL FROM: comand that it just sits there and times out.

I've been waiting to hear back from the recipient's end as to what I asked them to look into.  We're getting a lot of the symptoms that are discussed in this article:,printer).aspx.  This is what I asked them to look into.  I did get a call back and they told me the tech guys don't want to do the recommended solution.

Any ideas?

To answer your other questions  - Also, we're not listed on any major blacklists according to MXToolBox and other look-up sites.  Same telnet responses whether done from Exchange Server or a client PC.
Try SMTPDiag

SMTPDIAG "sender address" "recipient address" [-d target DNS] [/v]
Are they behind a Cisco PIX firewall? they should definitely turn the Mailguard feature off then... Otherwise they could end up getting duplicate messages...
I had run SMTPdiag before but not able to run with -d target DNS.  Perhaps I'm not entering the correct syntax.

The message I get with /v is "Checking MX servers listed connecting to ....... Error: Expected '220' server is not accepting connections.  Failed to submit mail"

Yes they are behind a Cisco Pix.  I am scheduled to talk to the company's tech consultant tomorrow.  But, when talking with the company person yesterday, he told me that the tech consultant advised him against making the change to accept email from just one company.  He said something about it opens them up to bad things and they shouldn't have to do that for one company.  What I don't understand is why all of a sudden it stopped working.  We used to be able to send email to them without any problem.  This happened a week or so after being blacklisted.  We got off that but then we still couldn't send them email.  I asked them to whitelist us and they supposedly did on their Barracuda.
I don't know much about PIX firewalls, but maybe they can add a "safe" rule for your domain or a route from your external IP address into them so MailGuard doesn't touch it...

I don't know about Cisco PIX firewalls as well.  Does it make sense what they're saying?  I can ask about adding a "safe" rule tomorrow when I talk with them.
Avatar of MegaNuk3
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Would all the other Tab settings stay the same as the original SMTP connector except the SMTP Connector Name and what you mentioned above?
Yep, but you would need to check the cost of the "*" one though and make this one cheaper otherwise messages for this dodgy domain will just go out the "*" one
That worked!  I'm glad it did, but somehow I feel that this is just a bandaid?  That really the issue was on their end.

Thanks for all your help and sticking with me through resolution.

Yep, hopefully that company will get lots of calls from every other company they deal with that has Exchange and they will have to turn MailGuard off.

Or hopefully they will receive/send loads of duplicate mails caused by Mailguard...