Link to home
Start Free TrialLog in
Avatar of sraley
sraley

asked on

SMTP Protocol Error Occurred

Our ISP made us change IP addresses which we did and everything seems to be working except exchange started having issues to one domain name, comcast.net that system manager just says an smtp protocol error occurred when trying to deliver the mail outbound. The IP change has happened over 120 hours ago so the ISP's can't blame internet propagation now but neither can tell me that they see any issues.  There are no exchange errors in the application log, only VSS shadow copy errors that I don't know why they started appearing. All other domains outbound are working fine.  Neither ISP can see a block on our domain or new IP.
Avatar of ConchCrawl
ConchCrawl
Flag of United States of America image

i would check your reverse dns for your mx record with your isp and make sure it was updated.
Avatar of sraley
sraley

ASKER

comcast.net said that is the problem that its hitting the firewall coming into my isp and the tracert stops. My isp claims that isn't a problem that other people do reverse lookups and I'm not having issues with those domains.
Avatar of sraley

ASKER

I just did it here and it reverses to the ISP dns name, not my domain name.

http://www.zoneedit.com/lookup.html?ipaddress=72.9.2.83&server=&reverse=Look+it+up
it nees to reverse to you ip address for you exchange server or external router ip depending on you configuration.
you need to request that your isp create a ptr record that matches your domain. then create an a record with the people that manage your domain name that matches and fnally, make sure your exchange smtp ehlo greeting matches too.

shaun
Avatar of sraley

ASKER

but we didn't have this problem before we changed IP's and I can do a reverse on that IP and it resolves to the ISP dns name, not my domain name.
could I please have your external domain name and your new ip address?
 
Avatar of sraley

ASKER

dmwlaw.com  new: 72.9.2.83  old ip 63.147.49.20
on my initial check, here is what I see you mx record is pointing to 74.125.148.10 and others the hostname is dmwlaw.com.s9a1.psmtp.com. the reversed dns is pointed to 74.125.148.10 s9a1.psmtp.com. Your domain dns is pointed to 72.9.2.83.
doing an smtp test on 72.9.2.83, passes fine but there is no reverse dns.
are you using a mail relay to get your mail or is it suppose to come directly to exchange?
 
Also, when I do a whois lookup Whois Query: dmwlaw.com YOUR IP address is 64.20.227.133
Your dns name servers are: NS ns100.worldnic.com 72.9.2.83 - NS ns99.worldnic.com 72.9.2.83
Could you please provide information to these findings?

You first need to decide on a 'A' record for this IP address. Lets say outmail.dmwlaw.com, then do the following:

1) contact ISP (GMP CABLE TV \ Metrocast Communications by the looks of things) and get them to setup a PTR record for your IP address and set to outmail.dmwlaw.com

2) contact your domain management (worldnic.com) and set up a 'A' record as outmail.dmwlaw.com

3) Change the FQDN on your SMTP connector to read outmail.dmwlaw.com

Then you're done. MX records are irrelevan here.

Shaun
Avatar of sraley

ASKER

what ddid you use for the whois query because using www.who.is  everything looks fine. My mx goes through google postini.
You aren't talking about inbound mail, you are having trouble with outbound mail.

Do you use postini or any other smarthost for OUTBOUND mail delivery? If not, then you need to sort out as above. I didn't use a whois query, I asked the nameservers responsible for your IP and domain name for the info.

Shaun
Avatar of sraley

ASKER

how did you ask the nameservers responsible for my ip, I need to be able to know how all this was done before I contact the ISP or I will get the run around like i did yesterday its a problem with comcast nameservers not updating yet even though today is day 5 and I can still see my exchange smtp is not connecting to comcast.net.

Inbound mail is passed through postini. I was replying to the other question asking if i had a passthrough since inbound mail server goes through psmtp.com
Well, the DNS nameserver that is responsible for the reverse zone of your IP address is:

dns.metrocast.net

So using command prompt, you can query this nameserver directly and it will show you what record is there for the IP :

> 83.2.9.72.in-addr.arpa.
Server:  dns.metrocast.net
Address:  65.175.128.181

83.2.9.72.in-addr.arpa  name = static-72-9-2-83.cpe.metrocast.net
2.9.72.in-addr.arpa     nameserver = dns.metrocast.net
2.9.72.in-addr.arpa     nameserver = dns-dr.metrocast.net
2.9.72.in-addr.arpa     nameserver = dns-auth3.metrocast.net
2.9.72.in-addr.arpa     nameserver = dns-auth4.metrocast.net
dns.metrocast.net       internet address = 65.175.128.181
dns-dr.metrocast.net    internet address = 65.175.128.240
dns-auth3.metrocast.net internet address = 65.175.128.140
dns-auth4.metrocast.net internet address = 65.175.128.141
>

So at the moment, there own nameservers have static-72-9-2-83.cpe.metrocast.net set.

The TTL (time to live) on the record is 12 hours, so once they make the change, it will take up to 12hours (in a few circumstance possibly a little longer) for the cached records to expire and for the new PTR to go live.

I'd ask them to check the nameserver for 83.2.9.72.in-addr.arpa  and ask why it still says static-72-9-2-83.cpe.metrocast.net set.

Shaun


Avatar of sraley

ASKER

I can but if you look at our old address that they didn't know we had switched yet since we have until the end of the month it says the same thing. 63.147.49.20
static-63-147-49-20.cpe.metrocast.net is the dns name and comcast.net did not reject this IP address.
Avatar of sraley

ASKER

I just changed my router back to the old IP address and my comcast emails went through. I don't think its anything to do with dns on my end.
The rDNS is not configured according to best practice and standards, so this may cause you problems, particularly with recipient servers like AOL.

I've checked and it appears your IP is blacklisted, thats probably the problem

http://www.mxtoolbox.com/SuperTool.aspx?action=blacklist%3a72.9.2.83

Shaun
Avatar of sraley

ASKER

isp noc said they made the correction for my problem and I submitted for removal from the no-more-fun blacklist. According to that blacklist the entire subnet was added. I was told to try again in 2-3 hours.
Looks like you are still listed, so that will most likely be the cause of the problem.

Shaun
Avatar of sraley

ASKER

well the rdns is fixed and the ip is removed from the no-more-fun blacklist we were in but still problems on certain domains with outgoing mail including comcast.net
Check with comcast (as this is one you are having problems with), and ask them why they are blocking you? Maybe they have a list themselves that you are on, have you checked with them now all the other issues are resolved?

Shaun
Avatar of sraley

ASKER

their are now more than just comcast. I just had a list of 4 domains. whats interesting is domains that comcast hosts are receiving emails.
it appears your blacklist removal has taken affect. btw, I use mxtoolbox.com.
There is a good reason for that comcast would be working and know one else is. They are authoratative for your domain and you are in their network and either the dns settings haven't taken affect on the internet and still probably pointing to that old ip address. OR of course they don't have thier act together, go figure :-).
Hope this is helpful, let me know how it goes.
you also need to check with postini and make sure your new ip address has been configured for email delivery and you can pass their test connectivity. I know we have this ability on MX Logic but not that familiar with postini.
Avatar of sraley

ASKER

Postini was checked and they only handle inbound, nothing checked by them outbound.
Give it a little time, you've made a few changes to IP and EHLO hostname and have only recently been removed from blacklist.

I would see how things are in 24-48hrs, it may just be residual effect, you don't know how often recipient servers recheck to refresh cached info they hold for a domain.

Shaun
Avatar of sraley

ASKER

I just checked since its been 24hrs and still have mail backed up for a couple domains. Not just comcast.net
Do you mean in your queue from exchange outbound or inbound from postini?
Avatar of sraley

ASKER

exchange outbound
Avatar of sraley

ASKER

I just changed back to old ip of 63.147.49.20 and all exchange queues emptied themselves.
Avatar of sraley

ASKER

sorry changed router IP.
ah, that was from the other day :-).
Avatar of sraley

ASKER

still same problem. Emails not going out and ai don't seem to be on a blacklist and rDNS is setup.
What does the NDR say?

Shaun
Avatar of sraley

ASKER

Just that our message could not be delivered and timedout. Exchange is set to retry for 48hrs.
Well you have good rDNS and are not blacklisted and this happens consistently with the same domains? ie, some domains are always fine, and some always fail right?

If so, I'd recommend contacting the domains and asking them why they are rejecting? Start with comcast

Shaun
Avatar of sraley

ASKER

I did and the answer I got from them was rDNS. I will contact them again.
It appears your rDNS is cleared up so if certain domains are still rejecting email then those individual domains have you blacklisted. I can't find any interntet blacklists on your domain. So I would still get a copy of the email that is being bounced back to the sender so it can be analyzed, it will probably tell us what is going on.
PTR            72.9.2.83             dmwlaw.com

Not an open relay.
 0 seconds - Good on Connection time
 5.226 seconds - Warning on Transaction time
 OK - 72.9.2.83 resolves to dmwlaw.com
 OK - Reverse DNS matches SMTP Banner

Session Transcript:
HELO please-read-policy.mxtoolbox.com 250 dmwlaw.com Hello [64.20.227.133] [47 ms] MAIL FROM: <supertool@mxtoolbox.com> 250 2.1.0 supertool@mxtoolbox.com....Sender OK [62 ms] RCPT TO: <test@example.com> 550 5.7.1 Unable to relay for test@example.com [5070 ms] QUIT 221 2.0.0 dmwlaw.com Service closing transmission channel [47 ms]
Avatar of sraley

ASKER

Is it going to be in a log file because one of the test emails I sent got this rejection notice:

Your message did not reach some or all of the intended recipients.

Subject: FW: Undeliverable: RE: McGill letter to Horak
Sent: 3/14/2010 2:51 PM

The following recipient(s) could not be reached:

  support@comcast.net on 3/16/2010 2:58 PM
  Could not deliver the message in the time limit specified. Please retry or contact your administrator.
  <dmwlaw.com #4.4.7>

Avatar of sraley

ASKER

one domain started on 3/15 saying unable to open msg for delivery. I've deleted out of the 9 1 by 1 and getting the same error on every message. this domain is hosted by MCI.
Avatar of sraley

ASKER

the server rejection notice on our side for the domain on mci says This message was rejected due to the current administrative policy by the destination server. Please retry at a later time. If that fails, contact your system administrator.
  <dmwlaw.com #4.3.2>

So it could still be something with our ISP.
Avatar of sraley

ASKER

we also have a problem with the domain homebuildersmd.com which according to whois, godaddy owns their IP address so I have issues with 3 ISP's.
>This message was rejected due to the current administrative policy by the destination server.
This tells you that the destination server is rejecting your email based on their policy. As I posted earlier the individual domain has some sort policy rejecting mail from your domain, you need to call them and find out why they are blocking email from your domain.
#4.3.2 - Tells you that the administrator on the destination server has done something to prevent email from you.
#4.4.7 - Simply means your email server got tired of trying to send the email and is giving up.
Hope this helps.
Avatar of sraley

ASKER

Yes I got alot of 4.4.7's this morning since I forgot to clear the mail. I've contacted comcast twice and was hung up on so I've called management of my ISP and told them they needed to make contact and cc'd all the lawyers. Comcast said there is nothing on their side which may be correct since the old ip is still working when I change it in the firewall and have been twice a day for 2 weeks to get the email out of the queues.
I'm not clear as to why you still think this is your ISPs issue? The new IP address is resolving DNS correcly to your domain and your rDNS (PTR) is resolving correctly also.
Your old IP addres is resolving back to comcast, which is accurate since they own the IP address.
I don't know why you keep changing the router back to the old IP address, you could be causing yourself more harm than good.
You need to contact the domain you are trying to send email to and find out from them why they are rejecting email coming from you.
You mentioned these were in a queue so that means they may have been in there since before the change to the new IP address, have you tried sending a new email to this domain?
Avatar of sraley

ASKER

I'm changing back to the old ip when I want to clear all the exchange queues and the mail is delivered and then I change back to the new Ip. the old ip is not being taken away until march 31.  There were no problems until we switched IP's.  Comcast will not work with me so I've told my ISP to talk to comcast because I have another exchange box that got a new IP, and can deliver emails to comcast.net fine so why this IP no one can tell me why since everyone keeps telling me everything resolves fine.  Look at the date on this thread 3/9 thats when I changed the IP and I've had email problems since then. if email sits in exchange queue for 48 hrs it times out so I'm changing the router so the queues empty and get delivered then I change it back so incoming mail works.
I wish I was a better writer then I could communicate to you on what is happening and how I think you should resolve it. But I'll keep trying:-).
1. When you switch your router back to the old IP you can send email to comast.net customers? But you can't send/receive email to anyone else outside of comcast.net?
2. When you switch your router to the new IP address you can send/receive email to everyone on the internet except a few domains? You cannot send/receive email from comcast.net customers?
Please review these comments and post your comments specifically to these two questions so I can clarify where we are at. Then I can hopefully post a better solution(s) for you:-).
Avatar of sraley

ASKER

1) when I put in old IP I can send out to anyone, no issues. I can't receive temporarily because of DNS pointers going to new IP.

2) New IP I can receive from anyone. I have at least 2 domains that I can not send to.

1. This would be expected behavior.
2. This would be expected behavior.
Now the only issue to resolve is to contact the 2 domains, You need to speak with somone that is charge of their email delivery system.
I have came up against these problems many times and can tell you with confidence that based on your comments, the only way you will resolve the remaining issue is contact the domains directly.
Have tried to send a new email, like today, to those two domains since the new IP addresses have been working properly?
Another thing that you might think about, if those 2 domains are restricting email by IP address and yours has changed then this could the reason they are blocking you. You would need to have them update your IP address to the new one.
Hope this helps.
Avatar of sraley

ASKER

1) Contacted both, like I stated, Comcast has hung up on me twice so I told my isp to call them. Godaddy I have an issue # and haven't heard anything since getting a ticket with them.

2) Yes emails are sitting in the queue right now, they were in there this morning, nothing is going out to them.

3) Told comcast that my old ip addrss works fine and doesn't meet their rdns requirements so stop blaming rdns even though I got it fixed and they had no response.
>so I told my isp to call them (Comcast)?
I need to clarify something, Is Comcast your ISP or not. If not who is your ISP?
Avatar of sraley

ASKER

my isp is metrocast who just called me (their NOC) and is going to try and call comcast for me.  godaddy just said they removed me from their blacklist so I'm getting ready to test that now.
So let me try to clarify, You are saying that comcast use to be your isp and when you had to change the ip address it is because you are now with metrocast? The IP that you use to have belongs to comcast and then metrocast took over which means the need for the ip change. Does sound about right?
Avatar of sraley

ASKER

no, never changed ISP's. My isp metrocast has to change a block of IP's, when I changed IP's comcast stopped accepting from my IP, but they still accept from the old IP. Metrocast thinks its an internal blacklist since we just talked to godaddy and they have an internal blacklist and said they removed my ip, so I'm getting ready to test that now.
oh ok, sure is very confusing as to what is going on there.
Avatar of sraley

ASKER

well godaddy works so they did have their own internal blacklist so we have to find the right person at comcast to get removed from theirs. My ISP have done their own checks and based on the fact that my old IP doesn't meet "requirements" that comcast told me to fix like a valid rDNS but I can send email with it.
ASKER CERTIFIED SOLUTION
Avatar of ConchCrawl
ConchCrawl
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial