Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 440
  • Last Modified:

Can't receive emails from one client

I'm on Exchange 2003, and have never had email problems. Suddenly, one of our clients can no longer contact us. They send us messages and their Exchange server just says the message is delayed, delayed, delayed, then failed. DNS is correct, the messages aren't reaching our network at all. They're on Exchange 2010 and can send just fine to everybody else.

When I telnet from a remote computer into our Exchange server, I get:

220 [domain] Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at  Th
u, 23 Sep 2010 13:10:16 -0700

But when the people at this network that can't send us mail run the same telnet command, they get:

220 *****************************************************************************************

Any idea what the problem is?
0
NRTCF
Asked:
NRTCF
  • 5
  • 4
  • 2
  • +2
2 Solutions
 
myhcCommented:
can anyone else at the same domain send you emails. (so john@domain.com can't.. can jess@domain.com send them to you?)
0
 
endital1097Commented:
they have something blocking smtp verbs on their router
are they having issues with anyone else
0
 
Brian BIndependant Technology ProfessionalCommented:
I have seen that happen when the Exchange server is going through a Cisco Firewall which has the "smtp fixup" turned on.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
myhcCommented:
I think it could be a SMTP issue.

Please goto http://www.mxtoolbox.com/

do a MX test on your domain.com name.
then click the SMTP test button on your resolved smtp server.

Please let me know if anything fails.
0
 
endital1097Commented:
That's it smtp fixup. Thx tbone
0
 
NRTCFAuthor Commented:
Thanks gang.

MYHC: No, nobody at theirdomain.com can send me emails at mydomain.com. MX & SMTP tests at mxtoolbox are good for mydomain.com

TBone2K: I'll try that, thanks.

ENDITALL1097: They're not having issues with anyone else as far as I know.
0
 
Alan HardistyCommented:
TBone2K is correct in his earlier post
220 *****************************************************************************************
This is classis CISCO SMTP Fixup / ESMTP Inspect which is supposed to help secure mail transport, but in fact reduces the command set and messes with mail-flow.
Please re-configure your CISCO appliance (PIX / ASA) and disable / turn off ESMTP Inspect or SMTP Fixup and then you might be able to receive from the problem domain.
 
0
 
NRTCFAuthor Commented:
TBone2K's suggestion was correct. They can now telnet successfully to my Exchange server. However, they still get a 'delayed' message when trying to send email to mydomain.com

Any idea what else it could be? Their Exchange server simply reports:

#550 4.4.7 QUEUE.Expired; message expired # #
0
 
Alan HardistyCommented:
Do you know their IP Address?
Can you look it up on www.mxtoolbox.com/blacklists.aspx?
Can you post their domain name please - which I can obscure - so that I can see if there is anything odd about their domain.  They may be missing Reverse DNS, be badly configured or be blacklisted.
0
 
Alan HardistyCommented:
Thanks - comment deleted to protect their identity.
Alan Hardisty
Experts Exchange Zone Advisor
0
 
Alan HardistyCommented:
Okay - they are badly configured.
There are 3 MX records on their domain - their primary MX has a priority of 0 - which can cause inbound issues, but not outbound issues - you might want to let them know, but this is not causing the problem.  They should change the Priority from 0 to anything else.  They already have a 5, so 1 would be better.
Their primary MX record IP address has a generic Reverse DNS record listed for it - they are required to have a crrectly configured Reverse DNS record if they send out mail from their IP Address.  Currently they are IP_Address_dia.static.qwest.net. and should be smtp.theirdomain.com.  Your server may be rejecting them because of this.
They are sitting behind a Sonicwall device which is restricting the SMTP Verbs that can be used and this may be causing the problem.
They need to call their ISP and ask for Revers DNS of smtp.theirdomain.com to be setup on their fixed IP Address
This is the response from their server:
220 kinhmf01.north-hollywood.theirdomain.local ESMTP SonicWALL (7.2.1.2841)
ehlo mydomain.co.uk
250-kinhmf01.north-hollywood.theirdomain.local
250-8BITMIME
250-ENHANCEDSTATUSCODES
250 SIZE
This is the response from my server:
220 server.mydomain.co.uk Microsoft ESMTP MAIL Service ready at Thu, 23 Sep 201
0 23:30:18 +0100
ehlo mydomain.co.uk
250-server.mydomain.co.uk Hello [10.xx.xx.xx]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM LOGIN
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250-XRDST
250 XSHADOW
They need to reconfigure their Sonicwall to disable SMTP Verbs - SMTP Inspection - SMTP interference for want of a better description and then they might have fewer issues sending to you.
0
 
NRTCFAuthor Commented:
alanhardisty,

Thanks, I'll have them try that and let you know!
0
 
NRTCFAuthor Commented:
alanhardisty,

They are hesitant to make these changes. Can you think of anywhere on the web that looks authoritative and recommends the setup you've recommended, so I can persuade them it's really their end that needs to change? :)
0
 
Brian BIndependant Technology ProfessionalCommented:
I think we are getting off topic for the original question. The issue was caused by SMTP fixup.
0
 
NRTCFAuthor Commented:
thanks, guys!
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

  • 5
  • 4
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now