Solved

Can't receive emails from one client

Posted on 2010-09-23
15
387 Views
Last Modified: 2012-05-10
I'm on Exchange 2003, and have never had email problems. Suddenly, one of our clients can no longer contact us. They send us messages and their Exchange server just says the message is delayed, delayed, delayed, then failed. DNS is correct, the messages aren't reaching our network at all. They're on Exchange 2010 and can send just fine to everybody else.

When I telnet from a remote computer into our Exchange server, I get:

220 [domain] Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at  Th
u, 23 Sep 2010 13:10:16 -0700

But when the people at this network that can't send us mail run the same telnet command, they get:

220 *****************************************************************************************

Any idea what the problem is?
0
Comment
Question by:NRTCF
  • 5
  • 4
  • 2
  • +2
15 Comments
 
LVL 7

Expert Comment

by:myhc
ID: 33748337
can anyone else at the same domain send you emails. (so john@domain.com can't.. can jess@domain.com send them to you?)
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33748359
they have something blocking smtp verbs on their router
are they having issues with anyone else
0
 
LVL 23

Accepted Solution

by:
Brian B earned 250 total points
ID: 33748388
I have seen that happen when the Exchange server is going through a Cisco Firewall which has the "smtp fixup" turned on.
0
 
LVL 7

Expert Comment

by:myhc
ID: 33748414
I think it could be a SMTP issue.

Please goto http://www.mxtoolbox.com/

do a MX test on your domain.com name.
then click the SMTP test button on your resolved smtp server.

Please let me know if anything fails.
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33748429
That's it smtp fixup. Thx tbone
0
 

Author Comment

by:NRTCF
ID: 33748995
Thanks gang.

MYHC: No, nobody at theirdomain.com can send me emails at mydomain.com. MX & SMTP tests at mxtoolbox are good for mydomain.com

TBone2K: I'll try that, thanks.

ENDITALL1097: They're not having issues with anyone else as far as I know.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 33749222
TBone2K is correct in his earlier post
220 *****************************************************************************************
This is classis CISCO SMTP Fixup / ESMTP Inspect which is supposed to help secure mail transport, but in fact reduces the command set and messes with mail-flow.
Please re-configure your CISCO appliance (PIX / ASA) and disable / turn off ESMTP Inspect or SMTP Fixup and then you might be able to receive from the problem domain.
 
0
Are your corporate email signatures appalling?

Is it scary how unprofessional your email signatures look? Do users create their own terrible designs and give themselves stupid job titles? You can make this a lot easier for yourself by choosing an email signature management solution from Exclaimer today.

 

Author Comment

by:NRTCF
ID: 33749297
TBone2K's suggestion was correct. They can now telnet successfully to my Exchange server. However, they still get a 'delayed' message when trying to send email to mydomain.com

Any idea what else it could be? Their Exchange server simply reports:

#550 4.4.7 QUEUE.Expired; message expired # #
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 33749323
Do you know their IP Address?
Can you look it up on www.mxtoolbox.com/blacklists.aspx?
Can you post their domain name please - which I can obscure - so that I can see if there is anything odd about their domain.  They may be missing Reverse DNS, be badly configured or be blacklisted.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 33749411
Thanks - comment deleted to protect their identity.
Alan Hardisty
Experts Exchange Zone Advisor
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 250 total points
ID: 33749501
Okay - they are badly configured.
There are 3 MX records on their domain - their primary MX has a priority of 0 - which can cause inbound issues, but not outbound issues - you might want to let them know, but this is not causing the problem.  They should change the Priority from 0 to anything else.  They already have a 5, so 1 would be better.
Their primary MX record IP address has a generic Reverse DNS record listed for it - they are required to have a crrectly configured Reverse DNS record if they send out mail from their IP Address.  Currently they are IP_Address_dia.static.qwest.net. and should be smtp.theirdomain.com.  Your server may be rejecting them because of this.
They are sitting behind a Sonicwall device which is restricting the SMTP Verbs that can be used and this may be causing the problem.
They need to call their ISP and ask for Revers DNS of smtp.theirdomain.com to be setup on their fixed IP Address
This is the response from their server:
220 kinhmf01.north-hollywood.theirdomain.local ESMTP SonicWALL (7.2.1.2841)
ehlo mydomain.co.uk
250-kinhmf01.north-hollywood.theirdomain.local
250-8BITMIME
250-ENHANCEDSTATUSCODES
250 SIZE
This is the response from my server:
220 server.mydomain.co.uk Microsoft ESMTP MAIL Service ready at Thu, 23 Sep 201
0 23:30:18 +0100
ehlo mydomain.co.uk
250-server.mydomain.co.uk Hello [10.xx.xx.xx]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM LOGIN
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250-XRDST
250 XSHADOW
They need to reconfigure their Sonicwall to disable SMTP Verbs - SMTP Inspection - SMTP interference for want of a better description and then they might have fewer issues sending to you.
0
 

Author Comment

by:NRTCF
ID: 33749588
alanhardisty,

Thanks, I'll have them try that and let you know!
0
 

Author Comment

by:NRTCF
ID: 33756350
alanhardisty,

They are hesitant to make these changes. Can you think of anywhere on the web that looks authoritative and recommends the setup you've recommended, so I can persuade them it's really their end that needs to change? :)
0
 
LVL 23

Expert Comment

by:Brian B
ID: 33769649
I think we are getting off topic for the original question. The issue was caused by SMTP fixup.
0
 

Author Closing Comment

by:NRTCF
ID: 33771209
thanks, guys!
0

Featured Post

Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

Join & Write a Comment

Easy CSR creation in Exchange 2007,2010 and 2013
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now