• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1644
  • Last Modified:

Emails return NDR #550 4.4.7 QUEUE.Epired; message expired

Unable to send or receive emails from one particular company.  Cannot, telnet to their mail.domain.com
ERROR: 5 Incomplete SMTP session (cause: idle timeout [company.domain]
0
flannk
Asked:
flannk
1 Solution
 
chapmanjwCommented:
This sounds like an issue on their end.  If you can send/receive emails from other organizations, but not this one, it is most likely their issue.  From what you provided, it seems that their SMTP server is either offline or being blocked by a network issue on their end.
0
 
flannkAuthor Commented:
There advise to us is that they can send to other organisations, but is only our organisation that they can't send to.  Would this occur if it was still their smtp server??
0
 
Alan HardistyCommented:
Please advise your domain name and sending IP address and their domain name (which I will immediately obscure) then I can look at the configurations of your domain / their domain and see where the problems might be.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
Shabarinath RamadasanInfrastructure ArchitectCommented:
Did you tried sending a test mail from gmail or yahoo?
See if some blacklisting happened from your ip range or domain name.

Good luck
Shaba
0
 
flannkAuthor Commented:
alanhardisty >  Can I email you this information as I don't really want to publise either organisation?
0
 
Alan HardistyCommented:
Sure - just drop the details in an email to alan @ it-eye.co.uk.  My Anti-spam software will initially reject you (greylisting), but it should hopefully get through at the second attempt to send.
0
 
Alan HardistyCommented:
Thanks - email received - my findings areas follows:
You are sitting behind a Cisco PIX / ASA device and that device has SMTP FIXUP or INSPECT ESMTP enabled.  This is messing with the available verbs that Exchange can play with and also stops recipients from determining your Fully Qualified Domain Name.  All they see is the following:
mail.yourdomain.subdomain.xxx.au claims to be invalid hostname '******************************************************************************': <br />   220 ****************************************************************************** <br />
What they should see is something similar to this:
mail.yourdomain.subdomain.xxx.au :<br />    220
mail.yourdomain.subdomain.xxx.au Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Wed, 25 Aug 2010 09:39:35 +0100 <br />
Please therefore disable SMTP FIXUP or INSPECT ESMTP and then see if that cures the problem of sending / receiving.
You don't have Reverse DNS setup properly.  This is what you currently have:
Answer:
203.213.xxx.xxx PTR record: 203-213-xxx-xxx-mpls.tpgi.com.au. [TTL 172800s] [A=203.213.xxx.xxx]
Please call your ISP and ask them to setup Reverse DNS on your Fixed IP Address as mail.yourdomain.subdomain.xxx.au (replace this with your proper domain name).
 
Their domain responds as follows:
mail.theirdomain.biz claims to be non-existent host sydmail01.australia.wan: <br /> 220 sydmail01.australia.wan Microsoft ESMTP MAIL Service ready at Wed, 25 Aug 2010 18:42:27 +1000 <br />
If they have Exchange 2007 / 2010 then this will be reporting on their RECEIVE connector and thus won't necessarily be valid.
They also don't have Reverse DNS setup properly.  This is what they have currently:
Answer:
202.7.xxx.xxx PTR record: 202-7-xxx-xxx-mwl-ts1-2600.tpgi.com.au. [TTL 172800s] [A=None]
*ERROR* There is no A record for 202-7-xxx-xxx-mwl-ts1-2600.tpgi.com.au. (may be negatively cached).
Reverse DNS (or lack of it) is the most likely problem causing them problems sending mail out.  They need to call their ISP and get it setup properly as mail.theirdomain.biz
 
Once you have tweaked your side - let me know and I will re-check to confirm the world sees your changes.
Thanks
Alan
0
 
flannkAuthor Commented:
Thanks for your response.
I have been able to get the reverse DNS setup on our ISP, this hasn't resolved the issue.  I am looking into the firewall.
Information I forgot to mention early was that emails to & from was working up until early June.  Nothing obvious has been changed,upgraded, etc.
0
 
Alan HardistyCommented:
No probs - the Router will need to be changed before people can actually see the name of yur server, so please let me know when that has been changed.
0
 
flannkAuthor Commented:
Problem has been resolved.  It is apparent that the problem was with their ISP (thought to be related to their routing tables) but could get anything concrete from their ISP as to the exact problem.
Thanks all it gave me places to look.
0
 
Alan HardistyCommented:
Ah well - that one would have been rather tricky to determine!
Don't forget to close the question down - accepting your last comment is acceptable as we didn't resolve it for you and you have posted the answer.
0

Featured Post

Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now