Cannot email to a specific Domain from my Exchange Server

Hello,

We are continuing to have problems wherein my domain (RAPADOCS.COM) is bouncing messages from the HEALTHTEXAS.ORG domain. I can send email to that domain, however they cannot send to me.  I'm not sure where the the problem appears to be and I've checked our SONIC firewall.  Maybe I'm missing something and it's not allowing email from HEALTHTEXAS.ORG because my Sonic Firewall refuses connections from email servers whose inbound and outbound port addresses do not match. I'm not sure if this is the issue and I'm not sure how to troubleshoot this issue.

Thanks,

nimdatx

LVL 1
Jaime CamposAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Alan HardistyConnect With a Mentor Co-OwnerCommented:
It depends on what they say in the email.

We had a customer who was not receiving an email from someone sending to them and despite us having his entire email flow whitelisted, spam and everything, he was not receiving the email, so of course he was blaming us (as usual).

Well, I trawled through our Vamsoft ORF Anti-Spam logs (which are brilliant and easy to sort / filter) and could not even see a connection attempt from the relevant mail server in question.  I then added a filter on our Forefront TMG server and couldn't see anything on that either.

So - I fired an email back to my customer and told him that they were not even coming anywhere near our server and that the problem was most definitely at the sending end.

The sending end ran some telnet tests and those messages came through happily!

They then 'tweaked' a setting at their end and then magically the emails started to flow properly.

As usual - this turned out to be a problem at the sending end, which in most cases it is (but not in all cases).

As your server is RFC compliant and everything checks out your end - they may be specifically blocking you, don't like something you are putting in a email such as an autosignature or they are just using a system that doesn't communicate well with an Exchange server!

I worked on a question where a company could not email someone and after various tests - it turned out that their telephone number in their autosignature was triggering the spam filter and getting their emails rejected!  That was different!!
0
 
Alan HardistyCo-OwnerCommented:
Please have a read of my article and check your configuration to make sure that they are configured correctly:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/A_2427-Problems-sending-mail-to-one-or-more-external-domains.html
0
 
Alan HardistyCo-OwnerCommented:
Please ask them to send me a test message - they are hiding behind a Barracuda spam appliance and they might not be configured correctly, only we won't know because of this.

My address is alan @ it-eye.co.uk and my anti-spam software will tell me all I need to know about how their server is configured.

Many thanks

Alan
0
The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

 
Jaime CamposAuthor Commented:
I sent you a test from my end. Maybe you can see something on my side. I'll see if they can send to you as well.

I readed your document and performed your steps.

What is my IP off Exchange Server
12.49.168.68

Reverse DNS Lookup
Server: 208.82.183.131
Address: 208.82.183.131#53
Non-authoritative answer:
Name: rapadocs.com
Address: 24.173.46.250

Blacklist
Checking 12.49.168.68 against 103 known blacklists...
Listed 0 times with 2 timeouts.
All seemed to be ok.

Web Reputation Score:
      Neutral
 Why is the reputation Neutral?
Your IP address or domain is within acceptable parameters.

Extended Whois
Invalid AWS Request!
Invalid AWS Request!
Invalid AWS Request!
Invalid AWS Request!
Invalid AWS Request!
WHOIS Lookup
Owner      Renal Associates, P.A.
Status      Locked
Created      2006-11-17
Changed      2009-09-23
Expires      2016-11-17
Registrar      ENOM, INC.
Admin Email      nawils@sbcglobal.net
Tech Email      nawils@sbcglobal.net

Invalid AWS Request!
Invalid AWS Request!
Invalid AWS Request!
Invalid AWS Request!
Invalid AWS Request!
Top Level Domains Available
.com      .net      .org      .biz      .info      .us
                                    

SSL Certificate
Valid?      ERROR
Created      2009-05-16 11:57:15 GMT
Expires      2011-05-16 11:57:15 GMT
Issued To      Totalpcsol.net
San Antonio, US
Issued By      Microsoft Internet Information Server

THANKS SO MUCH for checking.

nimdatx

0
 
Alan HardistyCo-OwnerCommented:
Your email came through fine - which suggests you are configured happily.  I'll just check my server and report back in a sec.

Either way - that won't do much for testing your inbound mail-flow.  Usually problems like this are down to poor configuration at the sending end.
0
 
Alan HardistyCo-OwnerCommented:
Yep - came through cleanly.  Your config looks fine.
0
 
Jaime CamposAuthor Commented:
My Information
IP off Exchange Server
12.49.168.68

Reverse DNS Lookup
Server: 208.82.183.131
Address: 208.82.183.131#53
Non-authoritative answer:
Name: rapadocs.com
Address: 24.173.46.250 <- Isn't this IP supposed to be 12.49.168.68, which comes up as my IP when I run MX lookup? Is that address supposed to have RDNS or my MX IP 12.49.168.68?

Healthtexas information

RDNS: Healthtexas.org
Server: 208.82.183.131
Address: 208.82.183.131#53

Non-authoritative answer:
Name: Healthtexas.org
Address: 168.143.83.194

MX Record: Healthtexas.org
mail.healthtexas.org      76.195.29.204

DNS Lookup: Healthtexas.org
healthtexas.org            168.143.83.194






0
 
Alan HardistyCo-OwnerCommented:
The IP Address you connected to my server from is 12.49.168.68 and your EHLO Domain Name is rapamail.rapadocs.com - Reverse DNS on that IP resolves as rapamail.rapadocs.com

The MXTOOLBOX test for DNS Report doesn't work on Exchange 2007 / 2010 because they connect to your RECEIVE Connector not your SEND connector and you can receive and send on differnet IP Addresses, so you can safely ignore that test.

Your side is good to go and looks very RFC compliant to me.  Can't say the same thing for the other end without them sending me a test message or knowing more info.
0
 
Jaime CamposAuthor Commented:
alanhardisty,

I'm waiting for a callback from Senior System Admin from Health Texas Organization. Now, meanwhile I've done all your recommended testing with your wonderful article, however is there anything else I can do that you would do once you recieve there email. Can you explain how you check it from your end, so maybe I can learn how to further my email troubleshooting skills.

Thanks,

Jaime Campos
0
 
Jaime CamposAuthor Commented:
Thanks so much for all your help.
0
All Courses

From novice to tech pro — start learning today.