Delayed/Undeliverable Email; Exchange 2007

Been having troubles lately with our Exchange 2007 server, we're getting a higher than normal volume of bounces, delays, or undeliverable email, both incoming and outgoing. The odd thing is it's never consistent, some domains get our mail and can send mail to us, sometimes there is a delay notification and will eventually go through, sometimes they'll get a delay notification and it will go undeliverable.

I've run every test in exchange mail route and it hints to a DNS problem obviously but the messed up thing is i can't find a single thing wrong with anything.

I've checked and refreshed our domain root hints, I've run with domain pointers through verizon dns and googles public dns, integra's dns who is our T1 provider, nothing is stuck in the queue.

I've called Integra to make sure there was no problems between us and them, our adtran is working fine, our router is functioning properly, websites are resolving correctly.

The only semi consistant domain i can test off of is sbcglobal.net which at this time we only can email to and receive about 10% of the time.

I've run numerous mxlookups and we're not on any blacklists, nslookups to other domains all resovle and i can connect to all of the affected domains through telnet.

I'm Stumped...

our domain is hysecurity.com
mail.hysecurity.com


The following is the delay notification we're receiving.

Delivery is delayed to these recipients or distribution lists:

'somedude@sbcglobal.net'

Subject: Test

This message has not yet been delivered. Microsoft Exchange will continue to try delivering the message on your behalf.

Delivery of this message will be attempted until 11/11/2010 12:23:47 PM (GMT-08:00) Pacific Time (US & Canada). Microsoft Exchange will notify you if the message can't be delivered by that time.


The header info for that email is as follows:

Received: from HSK.HySecurity.local ([10.0.0.12]) by HSK.HySecurity.local
 ([10.0.0.12]) with mapi; Wed, 10 Nov 2010 07:08:18 -0800
Content-Type: application/ms-tnef; name="winmail.dat"
Content-Transfer-Encoding: binary
From: Nick  <email@hysecurity.com>
To: Bruce  <email@hysecurity.com>
Date: Wed, 10 Nov 2010 07:08:16 -0800
Subject: FW: Test
Thread-Topic: Test
Thread-Index: AcuATAK3NzGq6MfLQ6i7cw2BYrpAOwAIa4RCAB7XgPA=
Message-ID: <EECE99C4D3A7AB468F26415F5882793520F999D756@HSK.HySecurity.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-Exchange-Organization-SCL: -1
X-MS-TNEF-Correlator: <EECE99C4D3A7AB468F26415F5882793520F999D756@HSK.HySecurity.local>
MIME-Version: 1.0

Any, ANY ideas would be greatly appreciated!

binaryjunkyAsked:
Who is Participating?
 
Barry GillConnect With a Mentor Chief of StaffCommented:
From: Nick  <email@hysecurity.com>
To: Bruce  <email@hysecurity.com>

Just wondering about this.
The headers "for that mail" as you say it do not seem to be going to anyone externally.
Is the sbcglobal.net address inside a distribution list?

Wasn't clear from your mail, but what is your outbound path?
Do you deliver direct from Exchange or do you deliver to a gateway device or anything like that?
0
 
blue-screenConnect With a Mentor Commented:
I see you have RFC1918 addresses - how is your router/NAT/firewall to the internet set up?

Is your outgoing IP address a static address, or part of a pool of addresses?

Some service providers block port 25 to prevent SPAM attacks.  If you have a "pool" of IP addresses, maybe some of them block port 25 and some do not.

Make sure that mail server address is mapped to a static address that does not block port 25.
0
 
binaryjunkyAuthor Commented:
Yes, our address is a static address, we do have a gateway device, we have a gateway server running forefront TMG, and our exchange server is behind that. Sorry for the confusion about the internal addresses, from nick to me that's a mistake, that particular header was a forwarded mail from nick to me here is a real bounce header.

apologies.


Received: from HSL.HySecurity.local (10.0.0.1) by HSK.HySecurity.local
 (10.0.0.12) with Microsoft SMTP Server (TLS) id 8.2.254.0; Fri, 12 Nov 2010
 04:06:36 -0800
MIME-Version: 1.0
From: <MicrosoftExchange329e71ec88ae4615bbc36ab6ce41109e@hysecurity.com>
To: <email@hysecurity.com>
Date: Fri, 12 Nov 2010 04:06:36 -0800
Content-Type: multipart/report; report-type=delivery-status;
      boundary="bd7e78ca-2fdd-4c45-a0b2-1cbc9c05061e"
Content-Language: en-US
Message-ID: <3ddb2965-ad37-4273-bb67-63618b5c334e>
In-Reply-To: <EECE99C4D3A7AB468F26415F5882793520FF772BF7@HSK.HySecurity.local>
References: <EECE99C4D3A7AB468F26415F5882793520FF772BF7@HSK.HySecurity.local>
Thread-Index: AcuCQGnnP3XCY4uXTcG4hP9sy1UqvQAIaP3R
Subject: Delivery Delayed:
Return-Path: <>
X-MS-Exchange-Organization-SCL: -1


So in this particular header, this is a delay notification I sent to an SBCGLOBAL.net address, in this case "HSL" is our gateway server and "HSK" is our exchange server.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
binaryjunkyAuthor Commented:
I was hoping it wounldn't be a problem with our firewall....
0
 
binaryjunkyAuthor Commented:
I checked over our firewall settings and made sure that all SMTP traffic allowed from our gateway server to the messaging server.
0
 
binaryjunkyAuthor Commented:
I think I solved the problem, our mailserver was mapped to "all IP addresses" instead of our forward facing .186 ip.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.