Delivery to the following recipients has been delayed.
Hi everybody,
I am having trouble sending email to a domain. They can send me emails but i can't.
This is the message i get when i send them emails
Reporting-MTA: dns;our webmail
Received-From-MTA: dns;our exchange
Arrival-Date: Wed, 3 Mar 2010 11:39:24 -0500
Final-Recipient: rfc822;user@domain.ca
Action: delayed
Status: 4.4.7
Will-Retry-Until: Fri, 5 Mar 2010 11:39:24 -0500
This is an automatically generated Delivery Status Notification.
THIS IS A WARNING MESSAGE ONLY.
YOU DO NOT NEED TO RESEND YOUR MESSAGE.
Delivery to the following recipients has been delayed.
user@domain.ca
I have a back-end exchange 2003, Norman email protection installed on it. front-end server 2003 with apache installed which is the remote host. I dont know what could be the problem why they are not receiving our email. wondering if that problem is at my end or their end?
I am having trouble sending email to a domain. They can send me emails but i can't.
This is the message i get when i send them emails
Reporting-MTA: dns;our webmail
Received-From-MTA: dns;our exchange
Arrival-Date: Wed, 3 Mar 2010 11:39:24 -0500
Final-Recipient: rfc822;user@domain.ca
Action: delayed
Status: 4.4.7
Will-Retry-Until: Fri, 5 Mar 2010 11:39:24 -0500
This is an automatically generated Delivery Status Notification.
THIS IS A WARNING MESSAGE ONLY.
YOU DO NOT NEED TO RESEND YOUR MESSAGE.
Delivery to the following recipients has been delayed.
user@domain.ca
I have a back-end exchange 2003, Norman email protection installed on it. front-end server 2003 with apache installed which is the remote host. I dont know what could be the problem why they are not receiving our email. wondering if that problem is at my end or their end?
ASKER
Hi there,
1)-I am not blacklisted as i checked that
2)-I dont have DNS problem and i can do nslookup to find their MX records.
3)-When i telnet from my network to their i get the 220***********************
I've done all those verification.
I can send emails to all other domains fine. I can receive emails from that domain that i can't send to.
I wonder what else should i check?
1)-I am not blacklisted as i checked that
2)-I dont have DNS problem and i can do nslookup to find their MX records.
3)-When i telnet from my network to their i get the 220***********************
I've done all those verification.
I can send emails to all other domains fine. I can receive emails from that domain that i can't send to.
I wonder what else should i check?
They are behind a Cisco Box and have SMTP Fixup enabled which causes more problems with Mail Flow than it is meant to fix.
You might like to call them and ask them to remove SMTP Fixup from their Cisco Router and that will hopefully resolve your problem.
You might like to call them and ask them to remove SMTP Fixup from their Cisco Router and that will hopefully resolve your problem.
The 220 **************************
is classic SMTP Fixup on a Cisco box or similar.
is classic SMTP Fixup on a Cisco box or similar.
ASKER
I have the SMTP FIXUP on my router, do i need to disable it also or just at the destination side? Do you think disabling this option on both side will allow email to be delivered to the destination? As i said i can receive emails from this domain but only can't send to them. Thanks
ASKER
Sorry i dont have a cisco PIX firewall, i have ASA so i think the problem not coming from the SMTP fixup. Any other suggestions? i will contact the other side to check if they have a PIX firewall.
Not sure which side it is, but anyone with a Cisco anything that has SMTP Fixup enabled, needs to turn it off as it causes more problems than it fixes.
can you successfully submit using telnet to their server? use helo rather than ehlo. actually send a message through to a recipient and clarify if they get it.
are they having issues with others sending to them or only your domain?
shaun
are they having issues with others sending to them or only your domain?
shaun
ASKER
When i telnet i get the following code 220********** but and can't use the helo nor ehlo. When i use the nwtools.com and try telnet from their it shows me that it did work. I dont know if they have problem receiving from others also. Any suggestions ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for your comment, i read a lot about this fixup but mostly for PIX and in my case i have a ASA, where do i find it in the ASA? If i disable this option, do i have to do it on my side or the destination side must do it? because i can receive emails from them correctly.
Some told me to disable the 8BITMIME on the exchange server, but i am really confused about that part. My network admin is not really convinced that the FIXUP is causing the problem. I am totally lost.
Some told me to disable the 8BITMIME on the exchange server, but i am really confused about that part. My network admin is not really convinced that the FIXUP is causing the problem. I am totally lost.
ASKER
Thanks for your comment, i read a lot about this fixup but mostly for PIX and in my case i have a ASA, where do i find it in the ASA? If i disable this option, do i have to do it on my side or the destination side must do it? because i can receive emails from them correctly.
Some told me to disable the 8BITMIME on the exchange server, but i am really confused about that part. My network admin is not really convinced that the FIXUP is causing the problem. I am totally lost.
Some told me to disable the 8BITMIME on the exchange server, but i am really confused about that part. My network admin is not really convinced that the FIXUP is causing the problem. I am totally lost.
If you telnet into your server from an external computer on port 25, if you see 220 **************************
If not - then don't worry - but the other end definitely does and this will cause problems.
If not - then don't worry - but the other end definitely does and this will cause problems.
ASKER
Alanhardisty
Right when i telnet to my server from external network i do get the 220*****, but the destination side that can't get my emails also have the 220******* when i telnet to their server.
My question is how come i am receiving all emails fine and send emails fine and this option is enabled? I guess at their side also they receive and send normally.
I am just trying to understand before removing the fixup.
Thanks
Right when i telnet to my server from external network i do get the 220*****, but the destination side that can't get my emails also have the 220******* when i telnet to their server.
My question is how come i am receiving all emails fine and send emails fine and this option is enabled? I guess at their side also they receive and send normally.
I am just trying to understand before removing the fixup.
Thanks
SMTP Fixup enables a 'Mail Guard' feature which only lets mail servers receive the RFC 821, section 4.5.1 commands of HELO, MAIL, RCPT, DATA, RSET, NOOP, and QUIT. All other commands are rejected with the "500 command unrecognized" reply code.
Extract from http://www.netcraftsmen.net/resources/archived-articles/379.html :
Microsoft Exchange administrators should take special note that by default their mail servers use the extended command set of ESMTP. The PIX SMTP fixup does not cover everything that may be needed for a transaction between two ESMTP servers. Therefore, be aware that the limited set of supported Mail Guard commands may be at the root of some mail flow problems. See the documentation for more details of getting PIX and Exchange to play well together.
http://blogs.oucs.ox.ac.uk/networks/2009/11/26/cisco-firewall-smtp-fixup-considered-harmful/
Extract from http://www.netcraftsmen.net/resources/archived-articles/379.html :
Microsoft Exchange administrators should take special note that by default their mail servers use the extended command set of ESMTP. The PIX SMTP fixup does not cover everything that may be needed for a transaction between two ESMTP servers. Therefore, be aware that the limited set of supported Mail Guard commands may be at the root of some mail flow problems. See the documentation for more details of getting PIX and Exchange to play well together.
http://blogs.oucs.ox.ac.uk/networks/2009/11/26/cisco-firewall-smtp-fixup-considered-harmful/
As Alan says, it works for some, not others - try disabling it for a while and see if it rectifies the problem.
If you can't run a simple telnet test using helo or ehlo you have a serious issue.
You should always be able to run:
telnet destination 25
HELO yourdomain.com
mail from:<you@yourdomain.com>
rcpt to:<them@theirdomain.com>
data
Test email
.
If that sequence (typed including all the info) and it doesn't work, there is a problem.
Shaun
If you can't run a simple telnet test using helo or ehlo you have a serious issue.
You should always be able to run:
telnet destination 25
HELO yourdomain.com
mail from:<you@yourdomain.com>
rcpt to:<them@theirdomain.com>
data
Test email
.
If that sequence (typed including all the info) and it doesn't work, there is a problem.
Shaun
ASKER
Thank you guys for helping me
I spoke with my net admin and he removed the inspection as stated here:
http://www.binarywar.com/2009/11/cisco-pixasa-causes-smtp-banner-corruption/
I am trying to telnet now but still getting the 220***** weird eh?
But when i use nwtools.com and do a telnet from the website i see all the verbs. I am confused.
I spoke with my net admin and he removed the inspection as stated here:
http://www.binarywar.com/2009/11/cisco-pixasa-causes-smtp-banner-corruption/
I am trying to telnet now but still getting the 220***** weird eh?
But when i use nwtools.com and do a telnet from the website i see all the verbs. I am confused.
ASKER
Hey guys,
Today i received a postmaster with another error message:
Unable to deliver message to the following recipients, due to being unable to connect successfully to the destination mail server
user@domain.com
So i understand that the problem is not really from my side right? as i said i disabled the FIXUP option on my ASA.
Today i received a postmaster with another error message:
Unable to deliver message to the following recipients, due to being unable to connect successfully to the destination mail server
user@domain.com
So i understand that the problem is not really from my side right? as i said i disabled the FIXUP option on my ASA.
My first comment advised you that this was not your problem:
"They are behind a Cisco Box and have SMTP Fixup enabled which causes more problems with Mail Flow than it is meant to fix.
You might like to call them and ask them to remove SMTP Fixup from their Cisco Router and that will hopefully resolve your problem. "
"They are behind a Cisco Box and have SMTP Fixup enabled which causes more problems with Mail Flow than it is meant to fix.
You might like to call them and ask them to remove SMTP Fixup from their Cisco Router and that will hopefully resolve your problem. "
ASKER
thank you Alanhardisty
I will manage to speak with their IT department to inform them about the issue. will get back to you when i hear from them. Appreciate it.
I will manage to speak with their IT department to inform them about the issue. will get back to you when i hear from them. Appreciate it.
No problems.
Good luck.
Good luck.
ASKER
do you mind looking at my other question :
https://www.experts-exchange.com/questions/25517587/smtp-554-5-6-1-Body-type-not-supported-by-Remote-Host.html
I WONDER IF ITS THE SAME PROBLEM AS THIS ONE.
Thanks
https://www.experts-exchange.com/questions/25517587/smtp-554-5-6-1-Body-type-not-supported-by-Remote-Host.html
I WONDER IF ITS THE SAME PROBLEM AS THIS ONE.
Thanks
ASKER
The solution to this problem was removing the server from blacklist. I was blacklisted from SORBS so i did manage to be whitelisted from their databse and after 24h i did some email test and my emails went fine.
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
To start you off:
1) Check you are not on a blacklist - enter your server ip in mxtoolbox.com --> blacklists
2) Make sure you don't have a DNS issue in your environment, can you use nslookup on command line to find the MX records for the domain in question?
3) Make sure port 25 is open from your organisation to theirs? Can you telnet port 25 to their mail server?
Shaun