Solved

Some emails will not go through

Posted on 2010-08-23
18
2,582 Views
Last Modified: 2013-12-09
I have a unique problem.  I am using ipower pop email. Comcast is our ISP. We have a Sonicwall TZ 170 firewall in place.  When the sonicwall is in place with default settings except the lan and wan configured  and the smtp server is set to ipower's server, emails that are sent to bellsouth.net, gmail.com and a few others that I know of, will never get to there destination. I have no error messages or bouncebacks. The emails leave the outbox and is never heard from again. I can have the sonicwall in place and use comcast's smtp server and they arrive to those destinations within seconds. I can remove the sonicwall and use the ipower smtp server and everything works as well. With the sonicwall in place and I send an email with ipower's webmail to my bellsouth or gamil account, it never arrives. The outlook configuration is correct.
I have spent a day with Ipower support to no avail.  does anyone have any ideas?
0
Comment
Question by:dtsnic
  • 9
  • 3
  • 3
  • +2
18 Comments
 
LVL 3

Expert Comment

by:Dave_LaSalle
ID: 33504659
0
 
LVL 8

Expert Comment

by:jimmyray7
ID: 33504673
Are you sure the sonicwall is part of the problem?  I suspect Comcast may be blocking smtp to other servers.  There's no reason you can't use Comcast's SMTP server for sending email.
0
 
LVL 8

Expert Comment

by:rr1968
ID: 33504730
Can you try if you can connect to google on port 25?
On the command prompt type:
telnet 74.125.148.10 25
Please let me know if you can connect without any error:
You should get a reply like the one below:
220 Postini ESMTP 253 y6_30_0c7 ready.  CA Business and Professions Code Section
 17538.45 forbids use of this system for unsolicited electronic mail advertisements.

This will validate if your sonicwall is blocking outbound smtp for certain domains..
0
 

Author Comment

by:dtsnic
ID: 33505238
I tried to telnet into the ipower server and received
 220 ESMTP Mon, 23 Aug 2010 16:25:30 -0400: UCE strictly prohibited
so I can see the server, also it is just some emails that aren't receving
 I am not sure it is the sonicwall But when I took it out and just used the comcast gateway it worked.
0
 

Author Comment

by:dtsnic
ID: 33505258
I also teleneted 74.125.148.10.25 and got the CA response above.
0
 
LVL 8

Expert Comment

by:rr1968
ID: 33505383
Can you clarify "so I can see the server, also it is just some emails that aren't receving "
Do you mean you can send some emails to gmail, but not all are received by the recipient?
If you cannot send email to a particular domain at all, i will start looking at the blacklist,
0
 
LVL 8

Expert Comment

by:rr1968
ID: 33505412
I am not familiar with Sonicwall, but in Cisco ASA firewall, we had to disable "inspect ESMTP" command to make sure that there is no mail flow issue. DO you know if there is a similar command on Sonicwall?
0
 

Author Comment

by:dtsnic
ID: 33505507
Well, when I send the telenet command I get a reply back.


Some people receive emails that are sent by us but not all.. People at bellsouth.net and people at gmail Do not ever receive emails when it is configured with the ipower mail server and the sonicwall is in place. Right now I have just the comcast box and configured outlook to the ipower smtp server and I am receiving emails at bellsouth.net and my gmail account but when I put the sonicwall backinto play the emails never show.  BUT I can have the sonicwall in place and change my smtp server to comcast and the emails will show. I have not seen an inspect ESMTP in the sonicwall.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33505649
Are you configured with a static or DHCP configuration for the WAN of your Sonicwall?  When you bypass the sonicwall, what do you have between your test device and the Internet?  UCE stands for Unsolicited Commercial E-Mail.  Do you have any of the security services enabled on the sonicwall (Content Filter, IPS, etc.)?
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 3

Expert Comment

by:Dave_LaSalle
ID: 33505717
When you were on the phone with Ipower did they say mail was being delivered to bellsouth.net and that is why they could not help you further?

Do you have the latest image (firmware) for the tz 170?
0
 

Author Comment

by:dtsnic
ID: 33505724
Static WAN configuration.
When the sonicwall is not in place The network is directly connecting to the comcast modem.
I have put the sonicwall back to default and do not have any security services turned on.

Do you think it could be something with my IP address?
0
 

Author Comment

by:dtsnic
ID: 33505738
Yes  IPOWER said they tested and mail is being received from their server......
0
 

Author Comment

by:dtsnic
ID: 33505746
yes the firmware on the SW is the latested. That is one of the first thisngs I checked.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33505799
Do you mean, received TO their server?  This implies that the email is getting to their server from the Outlook client through the Sonicwall, then being passed on by their server to gmail.com.  With the Sonicwall in place, can you email to yourself via ipower?  If so, send one to yourself with the sonicwall in place and one without the sonicwall in place.  Review the header and see what might be changing.  I'm wondering if the filtering of the other providers is blocking something based off SPF rules or something odd ball like that.
0
 

Author Comment

by:dtsnic
ID: 33505990
Ipower says Messages are being received at bellsouth.net and Gmail FROM Ipowers server

I can send and receive to my ipower account.... I can send to other accounts. there are a few that I can't . i.e. my bellsouth.net account and my gmail account never receve any messages......unless the sonicwall is gone OR I use comcast smtp server. I will try comparing the header info
0
 

Author Comment

by:dtsnic
ID: 33506200
The only difference in the header info that I see is that my WAN address changes when I take out the Sonicwall   from my static x.x.x.165 to the comcast gateway address x.x.x.166
0
 
LVL 3

Accepted Solution

by:
Dave_LaSalle earned 500 total points
ID: 33511021
These domains may be just dropping your email because your MX records do not include the .165 address, or is in an RBL or DNSBL or maybe the bounce isn't making it back to your email address.

Resolution if this is the case is to correct MX records for your domain to include your .165 address including reverse lookup.  I imagine Comcast is hosting your nameserver info.  You can use http://www.iptools.com/ or http://rbls.org/ to check out info for your sending domain and correct with comcast.  

You may also need to setup your sonicwall with an address transform which will tag outbound info with the comcast IP.  I'm not familiar with sonicwall so this may so up as some other setting like spoof or copy gateway address.
0
 

Author Closing Comment

by:dtsnic
ID: 33512046
I did find out that the x.x.x.165 is blacklisted by only 3 lists, I am thinking that is why some emails are received and some are not. thatnks for all the great input!
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

What is Usenet? There are many different opinions on exactly what Usenet is an isn't. Many opinions are incorrect simply out of ignorance. The Wikipedia listing about Usenet does a good job of explaining it, so instead of repeating it all here I wi…
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now