Delivery to the following recipients has been delayed.

Hi everybody,
I am having trouble sending email to a domain. They can send me emails but i can't.
This is the message i get when i send them emails

Reporting-MTA: dns;our webmail
Received-From-MTA: dns;our exchange
Arrival-Date: Wed, 3 Mar 2010 11:39:24 -0500

Final-Recipient: rfc822;user@domain.ca
Action: delayed
Status: 4.4.7
Will-Retry-Until: Fri, 5 Mar 2010 11:39:24 -0500


This is an automatically generated Delivery Status Notification.

THIS IS A WARNING MESSAGE ONLY.

YOU DO NOT NEED TO RESEND YOUR MESSAGE.

Delivery to the following recipients has been delayed.

       user@domain.ca

I have a back-end exchange 2003, Norman email protection installed on it. front-end server 2003 with apache installed which is the remote host. I dont know what could be the problem why they are not receiving our email. wondering if that problem is at my end or their end?

cloperaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

shauncroucherCommented:
You will need loads more investigation to find out what the problem is.

To start you off:

1) Check you are not on a blacklist - enter your server ip in mxtoolbox.com --> blacklists
2) Make sure you don't have a DNS issue in your environment, can you use nslookup on command line to find the MX records for the domain in question?
3) Make sure port 25 is open from your organisation to theirs? Can you telnet port 25 to their mail server?

Shaun
0
cloperaAuthor Commented:
Hi there,

1)-I am not blacklisted as i checked that
2)-I dont have DNS problem and i can do nslookup to find their MX records.
3)-When i telnet from my network to their i get the 220*********************** when i type ehlo or helo domain.com give me error 500 unknow or unimplemented command. When i open the nwtools.com and do the email verification i can see the telnet working well.

I've done all those verification.
I can send emails to all other domains fine. I can receive emails from that domain that i can't send to.

I wonder what else should i check?
0
Alan HardistyCo-OwnerCommented:
They are behind a Cisco Box and have SMTP Fixup enabled which causes more problems with Mail Flow than it is meant to fix.
You might like to call them and ask them to remove SMTP Fixup from their Cisco Router and that will hopefully resolve your problem.
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

Alan HardistyCo-OwnerCommented:
The 220 **********************************************
is classic SMTP Fixup on a Cisco box or similar.
0
cloperaAuthor Commented:
I have the SMTP FIXUP on my router, do i need to disable it also or just at the destination side? Do you think disabling this option on both side will allow email to be delivered to the destination? As i said i can receive emails from this domain but only can't send to them. Thanks
0
cloperaAuthor Commented:
Sorry i dont have a cisco PIX firewall, i have ASA so i think the problem not coming from the SMTP fixup. Any other suggestions? i will contact the other side to check if they have a PIX firewall.
0
Alan HardistyCo-OwnerCommented:
Not sure which side it is, but anyone with a Cisco anything that has SMTP Fixup enabled, needs to turn it off as it causes more problems than it fixes.
0
shauncroucherCommented:
can you successfully submit using telnet to their server? use helo rather than ehlo. actually send a message through to a recipient and clarify if they get it.

are they having issues with others sending to them or only your domain?

shaun
0
cloperaAuthor Commented:
When i telnet i get the following code 220********** but and can't use the helo nor ehlo. When i use the nwtools.com and try telnet from their it shows me that it did work. I dont know if they have problem receiving from others also. Any suggestions ?
0
Alan HardistyCo-OwnerCommented:
Exchange and SMTP Fixup on a Cisco PIX or Cisco ASA device do not always get on with each other.  If you need to send mail to the other domain, ask the to disable SMTP Fixup.
Google SMTP FIXUP and see what results you get - there are lots of posts advising to get rid of it.
Have a read of this EE Question:
http://www.experts-exchange.com/Security/Software_Firewalls/Q_22154434.html 
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
cloperaAuthor Commented:
Thanks for your comment, i read a lot about this fixup but mostly for PIX and in my case i have a ASA, where do i find it in the ASA? If i disable this option, do i have to do it on my side or the destination side must do it? because i can receive emails from them correctly.

Some told me to disable the 8BITMIME on the exchange server, but i am really confused about that part. My network admin is not really convinced that the FIXUP is causing the problem. I am totally lost.
0
cloperaAuthor Commented:
Thanks for your comment, i read a lot about this fixup but mostly for PIX and in my case i have a ASA, where do i find it in the ASA? If i disable this option, do i have to do it on my side or the destination side must do it? because i can receive emails from them correctly.

Some told me to disable the 8BITMIME on the exchange server, but i am really confused about that part. My network admin is not really convinced that the FIXUP is causing the problem. I am totally lost.
0
Alan HardistyCo-OwnerCommented:
If you telnet into your server from an external computer on port 25, if you see 220 ******************************************************** as the response - you have SMTP Fixup enabled.
If not - then don't worry - but the other end definitely does and this will cause problems.
0
cloperaAuthor Commented:
Alanhardisty
Right when i telnet to my server from external network i do get the 220*****, but the destination side that can't get my emails also have the 220******* when i telnet to their server.

My question is how come i am receiving all emails fine and send emails fine and this option is enabled? I guess at their side also they receive and send normally.

 I am just trying to understand before removing the fixup.

Thanks
0
Alan HardistyCo-OwnerCommented:
SMTP Fixup enables a 'Mail Guard' feature which only lets mail servers receive the RFC 821, section 4.5.1 commands of HELO, MAIL, RCPT, DATA, RSET, NOOP, and QUIT. All other commands are rejected with the "500 command unrecognized" reply code.
Extract from http://www.netcraftsmen.net/resources/archived-articles/379.html :
Microsoft Exchange administrators should take special note that by default their mail servers use the extended command set of ESMTP. The PIX SMTP fixup does not cover everything that may be needed for a transaction between two ESMTP servers.  Therefore, be aware that the limited set of supported Mail Guard commands may be at the root of some mail flow problems. See the documentation for more details of getting PIX and Exchange to play well together.
http://blogs.oucs.ox.ac.uk/networks/2009/11/26/cisco-firewall-smtp-fixup-considered-harmful/
0
shauncroucherCommented:
As Alan says, it works for some, not others - try disabling it for a while and see if it rectifies the problem.

If you can't run a simple telnet test using helo or ehlo you have a serious issue.

You should always be able to run:

telnet destination 25
HELO yourdomain.com
mail from:<you@yourdomain.com>
rcpt to:<them@theirdomain.com>
data
Test email
.


If that sequence (typed including all the info) and it doesn't work, there is a problem.

Shaun
0
cloperaAuthor Commented:
Thank you guys for helping me

I spoke with my net admin and he removed  the inspection as stated here:
http://www.binarywar.com/2009/11/cisco-pixasa-causes-smtp-banner-corruption/

I am trying to telnet now but still getting the 220***** weird eh?

But when i use nwtools.com and do a telnet from the website i see all the verbs. I am confused.

0
cloperaAuthor Commented:
Hey guys,

Today i received a postmaster with another error message:

Unable to deliver message to the following recipients, due to being unable to connect successfully to the destination mail server

user@domain.com

So i understand that the problem is not really from my side right? as i said i disabled the FIXUP option on my ASA.
0
Alan HardistyCo-OwnerCommented:
My first comment advised you that this was not your problem:
"They are behind a Cisco Box and have SMTP Fixup enabled which causes more problems with Mail Flow than it is meant to fix.
You might like to call them and ask them to remove SMTP Fixup from their Cisco Router and that will hopefully resolve your problem. "
0
cloperaAuthor Commented:
thank you Alanhardisty

I will manage to speak with their IT department to inform them about the issue. will get back  to you when i hear from them. Appreciate it.
0
Alan HardistyCo-OwnerCommented:
No problems.
Good luck.
0
cloperaAuthor Commented:
do you mind looking at my other question :

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_25517587.html

I WONDER IF ITS THE SAME PROBLEM AS THIS ONE.

Thanks
0
cloperaAuthor Commented:
The solution to this problem was removing the server from blacklist. I was blacklisted from SORBS so i did manage to be whitelisted from their databse and after 24h i did some email test and my emails went fine.
0
Glen KnightCommented:
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Server Software

From novice to tech pro — start learning today.