garychu
asked on
Help needed to interpret SMTPDiag results
I have a MS Exchange 2003 smtp queue of undeliverable mails to a particular email domain (@bigpond.com).
I did a
smtpdiag gary@devon.co.nz devaus@bigpond.com /v
with results in attachment.
From what I could make out from the results, there does not seem to be any issue. Yet the queue stubbornly stays unmoved. Meanwhile outbound mails to other recipients continue as usual.
Administrative support of the receiving domain, @bigpond.com claim that they do not use any spam filters. In any case, if sender, @devon.co.nz is blacklisted, would'nt their mail server had rejected the connection?
Could an experts please help interpret the diagnostic results and suggest further trouble-shooting procedures?
Thank you very much for helping with reducing the stress!
log.txt
I did a
smtpdiag gary@devon.co.nz devaus@bigpond.com /v
with results in attachment.
From what I could make out from the results, there does not seem to be any issue. Yet the queue stubbornly stays unmoved. Meanwhile outbound mails to other recipients continue as usual.
Administrative support of the receiving domain, @bigpond.com claim that they do not use any spam filters. In any case, if sender, @devon.co.nz is blacklisted, would'nt their mail server had rejected the connection?
Could an experts please help interpret the diagnostic results and suggest further trouble-shooting procedures?
Thank you very much for helping with reducing the stress!
log.txt
Mark Damen
Looking over your log, the SMTP sequence of commands is normal and does not show any failure.
If you force the queue to process do you see any errors in the logs?
Concur with MarkusDamen -- all looks good in that log file.
Bigpond apparently has one MX record that I see, with two hosts for that address -- and when I just attempted to connect on port 25 they (both of them) were VERY slow to respond. Therefore, I would strongly suspect the slow response of the destination mail servers is your culprit.
Bigpond apparently has one MX record that I see, with two hosts for that address -- and when I just attempted to connect on port 25 they (both of them) were VERY slow to respond. Therefore, I would strongly suspect the slow response of the destination mail servers is your culprit.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Check your IP is not on any blacklists as a matter of course.
http://www.mxtoolbox.com/blacklists.aspx
Also check it isn't one particular email that is causing a backlog, perhaps a large email?
Shaun
http://www.mxtoolbox.com/blacklists.aspx
Also check it isn't one particular email that is causing a backlog, perhaps a large email?
Shaun
ASKER
Thanks for the overwhelmingly quick resposnes, experts.
radnbne: Forcing the queue does not change the status. Not sure which log you meant.
Razmus: But the queue has been stuck for nearly a week now. Bigpond is the biggest ISP in Australia. I assume that at some stage, one or other of the mail servers would be free.
sunnyc7: Do you mean first freeze and then unfreeze?
shauncroucher: Yes, the IP is listed on 2 to 3 dnsbl lists. (It's hard to be not listed by at least one or two at any one time. I may be wrong, but I suspect that some are dubious. For instance, UCEPROTECTL1 asks for USD97 to be delisted immediately. Others require such details for the request - suggesting that they in fact make up mailing lists.). In any case, would it have mattered if Bigpond support insists that they do not filter spam. (Hard to believe!). If the IP is listed, would the smtp connection be still successful, yet mail could not be delivered.
I will remove the queue and ask users to re-send. Then see what happens.
Thanks in the meantime.
radnbne: Forcing the queue does not change the status. Not sure which log you meant.
Razmus: But the queue has been stuck for nearly a week now. Bigpond is the biggest ISP in Australia. I assume that at some stage, one or other of the mail servers would be free.
sunnyc7: Do you mean first freeze and then unfreeze?
shauncroucher: Yes, the IP is listed on 2 to 3 dnsbl lists. (It's hard to be not listed by at least one or two at any one time. I may be wrong, but I suspect that some are dubious. For instance, UCEPROTECTL1 asks for USD97 to be delisted immediately. Others require such details for the request - suggesting that they in fact make up mailing lists.). In any case, would it have mattered if Bigpond support insists that they do not filter spam. (Hard to believe!). If the IP is listed, would the smtp connection be still successful, yet mail could not be delivered.
I will remove the queue and ask users to re-send. Then see what happens.
Thanks in the meantime.
ASKER
Have since deleted the old stuck queue.
But seem to have made no difference.
Have also tried an smtpdiag analysis from another site. This other site uses the same ISP and DNS servers.
Attached is the result. It looks pretty much the same as the problem one.
I still feel that the most likely cause would be listing on an RBL.
But how do I get to convince the support guys at Bigpond - roos with head in the sand attitude!
But seem to have made no difference.
Have also tried an smtpdiag analysis from another site. This other site uses the same ISP and DNS servers.
Attached is the result. It looks pretty much the same as the problem one.
I still feel that the most likely cause would be listing on an RBL.
But how do I get to convince the support guys at Bigpond - roos with head in the sand attitude!
A global RBL Check finds no issues with their server. Your own test managed to send the email without a problem, this would not have happened if RBL was involved.
I think you need proof that bigpond is at fault. Usually when I send mail to an account on the blacklist the message sis accepted for delivery and then a rejection message comes back.
Are you getting any bounced messages?
I think you need proof that bigpond is at fault. Usually when I send mail to an account on the blacklist the message sis accepted for delivery and then a rejection message comes back.
Are you getting any bounced messages?
Usually you would get a bounce back. If you are on any blackest, you do need to get that resolved and it is likely to be the cause. You should find out how you ended up on it in the first place too.
Shaun
Shaun
Can you try restarting the server once ?
ASKER
I can confirm that the sender domain still remains on a couple of the dnsbl.info lists. Unreasonable amount of monies are demanded for immediate delisting - otherwise will take another 1-2 weeks. Who is worse, spammers or people who are supposed to help control spams?
No bounc-backs from bigpond.com which could be their policy of not doing so.
Have also re-started the server.
Biggest mistake was to have allowed the black-listing to have happen. Even changes of IP will not help if the problem of finding the spambot is not first dealt with.
Would you agree that as far as interpreting the bigpond.com smtpdiag log is concerned, the issue is now settled?
No bounc-backs from bigpond.com which could be their policy of not doing so.
Have also re-started the server.
Biggest mistake was to have allowed the black-listing to have happen. Even changes of IP will not help if the problem of finding the spambot is not first dealt with.
Would you agree that as far as interpreting the bigpond.com smtpdiag log is concerned, the issue is now settled?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks, experts.
With your inputs I think I now have enough to proceed further.
With your inputs I think I now have enough to proceed further.