Solved

Delayed/Undeliverable Email; Exchange 2007

Posted on 2010-11-12
6
1,396 Views
Last Modified: 2012-05-10
Been having troubles lately with our Exchange 2007 server, we're getting a higher than normal volume of bounces, delays, or undeliverable email, both incoming and outgoing. The odd thing is it's never consistent, some domains get our mail and can send mail to us, sometimes there is a delay notification and will eventually go through, sometimes they'll get a delay notification and it will go undeliverable.

I've run every test in exchange mail route and it hints to a DNS problem obviously but the messed up thing is i can't find a single thing wrong with anything.

I've checked and refreshed our domain root hints, I've run with domain pointers through verizon dns and googles public dns, integra's dns who is our T1 provider, nothing is stuck in the queue.

I've called Integra to make sure there was no problems between us and them, our adtran is working fine, our router is functioning properly, websites are resolving correctly.

The only semi consistant domain i can test off of is sbcglobal.net which at this time we only can email to and receive about 10% of the time.

I've run numerous mxlookups and we're not on any blacklists, nslookups to other domains all resovle and i can connect to all of the affected domains through telnet.

I'm Stumped...

our domain is hysecurity.com
mail.hysecurity.com


The following is the delay notification we're receiving.

Delivery is delayed to these recipients or distribution lists:

'somedude@sbcglobal.net'

Subject: Test

This message has not yet been delivered. Microsoft Exchange will continue to try delivering the message on your behalf.

Delivery of this message will be attempted until 11/11/2010 12:23:47 PM (GMT-08:00) Pacific Time (US & Canada). Microsoft Exchange will notify you if the message can't be delivered by that time.


The header info for that email is as follows:

Received: from HSK.HySecurity.local ([10.0.0.12]) by HSK.HySecurity.local
 ([10.0.0.12]) with mapi; Wed, 10 Nov 2010 07:08:18 -0800
Content-Type: application/ms-tnef; name="winmail.dat"
Content-Transfer-Encoding: binary
From: Nick  <email@hysecurity.com>
To: Bruce  <email@hysecurity.com>
Date: Wed, 10 Nov 2010 07:08:16 -0800
Subject: FW: Test
Thread-Topic: Test
Thread-Index: AcuATAK3NzGq6MfLQ6i7cw2BYrpAOwAIa4RCAB7XgPA=
Message-ID: <EECE99C4D3A7AB468F26415F5882793520F999D756@HSK.HySecurity.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-Exchange-Organization-SCL: -1
X-MS-TNEF-Correlator: <EECE99C4D3A7AB468F26415F5882793520F999D756@HSK.HySecurity.local>
MIME-Version: 1.0

Any, ANY ideas would be greatly appreciated!

0
Comment
Question by:binaryjunky
  • 4
6 Comments
 
LVL 7

Assisted Solution

by:blue-screen
blue-screen earned 250 total points
ID: 34126430
I see you have RFC1918 addresses - how is your router/NAT/firewall to the internet set up?

Is your outgoing IP address a static address, or part of a pool of addresses?

Some service providers block port 25 to prevent SPAM attacks.  If you have a "pool" of IP addresses, maybe some of them block port 25 and some do not.

Make sure that mail server address is mapped to a static address that does not block port 25.
0
 
LVL 9

Accepted Solution

by:
Barry Gill earned 250 total points
ID: 34127037
From: Nick  <email@hysecurity.com>
To: Bruce  <email@hysecurity.com>

Just wondering about this.
The headers "for that mail" as you say it do not seem to be going to anyone externally.
Is the sbcglobal.net address inside a distribution list?

Wasn't clear from your mail, but what is your outbound path?
Do you deliver direct from Exchange or do you deliver to a gateway device or anything like that?
0
 

Author Comment

by:binaryjunky
ID: 34128065
Yes, our address is a static address, we do have a gateway device, we have a gateway server running forefront TMG, and our exchange server is behind that. Sorry for the confusion about the internal addresses, from nick to me that's a mistake, that particular header was a forwarded mail from nick to me here is a real bounce header.

apologies.


Received: from HSL.HySecurity.local (10.0.0.1) by HSK.HySecurity.local
 (10.0.0.12) with Microsoft SMTP Server (TLS) id 8.2.254.0; Fri, 12 Nov 2010
 04:06:36 -0800
MIME-Version: 1.0
From: <MicrosoftExchange329e71ec88ae4615bbc36ab6ce41109e@hysecurity.com>
To: <email@hysecurity.com>
Date: Fri, 12 Nov 2010 04:06:36 -0800
Content-Type: multipart/report; report-type=delivery-status;
      boundary="bd7e78ca-2fdd-4c45-a0b2-1cbc9c05061e"
Content-Language: en-US
Message-ID: <3ddb2965-ad37-4273-bb67-63618b5c334e>
In-Reply-To: <EECE99C4D3A7AB468F26415F5882793520FF772BF7@HSK.HySecurity.local>
References: <EECE99C4D3A7AB468F26415F5882793520FF772BF7@HSK.HySecurity.local>
Thread-Index: AcuCQGnnP3XCY4uXTcG4hP9sy1UqvQAIaP3R
Subject: Delivery Delayed:
Return-Path: <>
X-MS-Exchange-Organization-SCL: -1


So in this particular header, this is a delay notification I sent to an SBCGLOBAL.net address, in this case "HSL" is our gateway server and "HSK" is our exchange server.
0
Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users do...so should you!

 

Author Comment

by:binaryjunky
ID: 34128089
I was hoping it wounldn't be a problem with our firewall....
0
 

Author Comment

by:binaryjunky
ID: 34128104
I checked over our firewall settings and made sure that all SMTP traffic allowed from our gateway server to the messaging server.
0
 

Author Comment

by:binaryjunky
ID: 34128181
I think I solved the problem, our mailserver was mapped to "all IP addresses" instead of our forward facing .186 ip.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Easy CSR creation in Exchange 2007,2010 and 2013
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
how to add IIS SMTP to handle application/Scanner relays into office 365.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now