Solved

Mail delivery question

Posted on 2011-02-28
11
494 Views
Last Modified: 2012-05-11
Has anyone use the MX Toolbox site? http://www.mxtoolbox.com/
Is this a good tool to troubleshoot our email delivery issue?

The reason I'm asking is, we have a client (pgal.com) that we can't deliver our emails to. It basically times out. So I use this website to run SMTP test and two of their three servers come back with failed delivery.  

What would cause those delivery failure?

I'm just not sure, because they're able to receive emails from others but not us.
We're only having similar issue with 3 other clients, out of hundreds of our clients.
0
Comment
Question by:halo26us
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
11 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35000210
Please have a read of my article and check your server / environment is configured correctly:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/A_2427-Problems-sending-mail-to-one-or-more-external-domains.html

Make sure the SEND Connector on your server has a correct FQDN that resolves in DNS back to your servers IP address.

Alan
0
 

Author Comment

by:halo26us
ID: 35000425
Thanks alanhardisty,

so I'm still curious as to why I'm getting SMTP test errors on this domain and (2 other domains)
and if they're having a problem on their end how come other clients don't have the same issue?

I'm wondering, because other than the SPF record, everything looks fine on our end....

0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35000535
If you want to post your domain name (which I will hide for you), I can take a look and make sure you are configured correctly.

Mailflow is most often caused by poor configuration on the sending server.
0
Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35000741
Okay - an issue you need to resolve.

1. You have two MX records named differently but resolving to the same IP Address - you only need to have one MX record if you only have one IP Addres.

Is the FQDN on your SEND Connector mail.domain.com?

Do you send out the same IP Address as you receive?
0
 

Author Comment

by:halo26us
ID: 35020886
Thanks again for your help. Let me explain how our exchange is setup....

We have Exchange 2007 (exchange.mydomain.com) and also our edge server (mail.mydomain.com) and finally our Trend Micro IMSS server (imss.mydomain.com) that filters all our spams.

Outgoing mail path is exchange-> mail -> imss -> Internet

So currently we have both mail.mydomain.com and imss.mydomain.com NAT to the same IP, which is why MX records show as both IP.

1)      Is it still necessary to remove one of the MX records?
2)      Also you mentioned that send connector needs to have FQDN. Are you talking about the Edge server’s send connector? (mail) or the mail server’s (exchange)?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35022660
What server receives your mail?  Presumably the IMSS server?  If that is the case, then 1 MX record is fine.

If the IMSS server goes down - does the mail.domain.com server take over?  If it does - then 2 MX records isn't going to improve mail-flow because they point to the same IP Address.

The FQDN would be on the IMSS server as this will be the FQDN that is shown to servers it connects to (confirmed by the email which you sent me - which I just managed to tie into this question [sorry - I work on so many] ).

Your FQDN I see from my Anti-Spam logs was imss.domain.com - so Reverse DNS should be imss.domain.com but it is currently mail.domain.com, although imss and mail both resolve to the same IP it may be better to have Reverse DNS as imss.domain.com instead to keep some mail servers / anti-spam servers happy.

Alan
0
 

Author Comment

by:halo26us
ID: 35022731
I think I may have narrowed down the issue to our IMSS. I think there's a setting in the IMSS configuration file that doesn't allow you to query other MX record if the 1st one fails.
Because all the ones that we're having issue with are the ones that I can't connect to their lowest MX preference.

Also because the NDR message is a custom IMSS message (not Exchange)

Problem now is I can't get through to their phone support... argh!
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35022831
Oh dear - that 's not good.

Your server not being able to deliver to the lower MX record shouldn't be a problem.  If it can deliver to one mail server - then the secondary MX record mail server should be able to receive your messages and then pass them on accordingly.

In most cases - the Anti-Spam on the secondary (Higher) MX record / server is not as tight, so more spam gets through, thus you should have more success sending to the secondary MX record than the primary MX record.
0
 

Accepted Solution

by:
halo26us earned 0 total points
ID: 35078888
The issue has been resolved. It was IMSS's way of handling bad MX record. It was a bug in IMSS version 7.1 that won't try to reach other MX records when the 1st one fails. I've installed a patch that resolved the issue. Thanks for all your help!
0
 

Author Closing Comment

by:halo26us
ID: 35120740
It was specific to our environment and didn't affect others who didn't have the same version of IMSS as ours.
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Make the most of your online learning experience.
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Suggested Courses
Course of the Month10 days, 17 hours left to enroll

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question