Cannot receive mail from comcast.net

Owner's spouse cannot send email from comcast.net to anyone in our domain.  However, when owner's spouse uses comcast's webmail app, the mail comes through.  How do I get the pop3 mail from their Outlook 2007 client to come through?
ITKNGAsked:
Who is Participating?
 
ITKNGConnect With a Mentor Author Commented:
I discovered a private whitelist filter in Domino.  I added comcast.net and the messages started to come through.
0
 
brwwigginsIT ManagerCommented:
This sounds more like issues on the comcast side. The only thing I can suggest is the following:

(1) Make sure you have your MX and PTR records configured properly for your mail server. If possible, also make sure the name presented by your SMTP server matches the reverse lookup record. Some services are sensitive to this as an anti-spam measure

(2) Have the user verify their outlook settings in regards to the outgoing SMTP server. The webmail app may use a different SMTP host than the client.
0
 
ITKNGAuthor Commented:
I was just on the phone with AT&T (my ISP) and verified MX and PTR information for my domain (wesfam.com) to be correct.  I have the Outlook (comcast.net) client that does not send to wesfam.com in my possession and the client is configured as recommended on the Comcast website.  It does not send very well!  Until about ten days ago I would have said this was a Comcast only issue until my Mother started getting mail returned occasionally using her AOL account.  The Comcast messages that are bounced contain errors like:
> Error reading SMTP packet; response to dot-stuffed message expected;
> likely problem with network or remote SMTP server
ALSO
Delivery to the following recipients is still underway after 12.3 hour(s):
 * xxxxx@wesfam.com
Will keep trying and contact you if the message can't be delivered permanently.
AND THE AOL RETURN READS:
*** ATTENTION ***
Your e-mail is being returned to you because there was a problem with its
delivery.  The address which was undeliverable is listed in the section
labeled: "----- The following addresses had permanent fatal errors -----".
The reason your mail is being returned to you is listed in the section
labeled: "----- Transcript of Session Follows -----".
The line beginning with "<<<" describes the specific reason your e-mail could
not be delivered.  The next line contains a second error message which is a
general translation for other e-mail servers.
Please direct further questions regarding this message to the e-mail
administrator or Postmaster at that destination.
--AOL Postmaster
   ----- The following addresses had permanent fatal errors -----
<xxxxxxxxx@wesfam.com>
    (reason: 451 4.4.1 reply: read error from mail3.wesfam.com.)
   ----- Transcript of session follows -----
451 4.4.1 reply: read error from mail.wesfam.com.
451 4.4.1 reply: read error from mail3.wesfam.com.
<xxxxxxx@wesfam.com>... Deferred: Connection timed out with mail3.wesfam.com.
Message could not be delivered for 3 hours
Message will be deleted from queue

I also had my Domino vendor look into our server with no luck.  He cranked up the verbosity of the SMTP server and we could not find anything other than what appeared to be the messages being dropped before they were received.  I will work tomorrow to get a snapshot of those logs added here.

Puzzling...
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
brwwigginsIT ManagerCommented:
does your domino server receive the SMTP mail directly or does it go through some anti-spam appliance/software?

I was not able to do a normal SMTP transaction with your server from a command line (http://support.microsoft.com/kb/153119) which makes me think it is your server config. Screenshot of SMTP
0
 
Sjef BosmanGroupware ConsultantCommented:
And do you see anything out of the ordinary in your server's log.nsf database, under Miscellaneous, around the times the mails were sent?
0
 
ITKNGAuthor Commented:
We use SMSDOM 8.0.7 - recently upgraded on 3/25 from an earlier v8 in hopes of getting relief to this issue - no luck.  There is no indication in the symantec product that this is the barrier.  I do not think the message is being received for the mail security app to catch it.  I have white listed comcast.net with no luck.   We have also tried with SMSDOM turned completely off with no luck.
About an hour ago I sent 3 messages from the Comcast user’s laptop to my Wesfam.com account.  Upon restarting the server after white listing Comcast again, these three messages were attempted to be delivered back to back as shown below.  We never get to DATA as with other messages.  My vendor kept saying it was like Comcast is dropping the connection before it delivers.  For that reason, he up’ed the SMTPTimeoutMultiplier to 3.  It has been that way since 3/25.
04/12/2011 01:50:13 PM  SMTP Server: Domino.wesfam.com (127.0.0.1) connected
04/12/2011 01:50:13 PM  SMSDOM: PAS SMTP PROXY: [76.96.30.96] connected.
04/12/2011 01:50:13 PM  SMTP Server: Domino.wesfam.com (127.0.0.1) connected
04/12/2011 01:50:13 PM  SMSDOM: PAS SMTP PROXY: [76.96.27.211] connected.
04/12/2011 01:50:13 PM  SMTP Server: Domino.wesfam.com (127.0.0.1) connected
04/12/2011 01:50:13 PM  SMSDOM: PAS SMTP PROXY: [76.96.30.40] connected.
04/12/2011 01:50:13 PM  SMTP Server: Originator: <charlottew@comcast.net>
04/12/2011 01:50:13 PM  SMTP Server: Originator: <charlottew@comcast.net>
04/12/2011 01:50:13 PM  SMTP Server: Originator: <charlottew@comcast.net>
04/12/2011 01:50:14 PM  SMTP Server: Recipient: <hartwell@wesfam.com>
04/12/2011 01:50:14 PM  SMTP Server: Recipient: <hartwell@wesfam.com>
04/12/2011 01:50:14 PM  SMTP Server: Recipient: <hartwell@wesfam.com>
- nothing related to these messages afterwards
0
 
brwwigginsIT ManagerCommented:
To me it sounds like something is in between the domino server and the outside that is translating the SMTP commands. The response I get from telnetting on port 25 is not typical.

You might have to enable debugging on SMTP (SMTPDebugIO=3 and see here for reference -->https://www-304.ibm.com/support/docview.wss?uid=swg27003007)

0
 
ITKNGAuthor Commented:
In the attached file you can see where the vendor attemtped to debugg with the SMTPDebugIO=3 and other settings.  The log results were never conclusive at least to us.  If you search on "charlottew" there are specific examples for this problem. outfile-Office-2011-03-25-17-07-.txt
0
 
Sjef BosmanGroupware ConsultantCommented:
Rather weird behaviour: several QUITs and RSETs, but those could be in response to spam, and many timeouts on the local server (127.0.0.1). You could try to up the timeout delay maybe, I'd have to check where to do that, and if it's possible for incoming SMTP only.

By the way, how many mailboxes do you run on the server, i.e. the number in the Configuration document for the server, under Router/SMTP, Basics?
0
 
brwwigginsIT ManagerCommented:
What version of SMSDOM are you running? Do you have any third party blacklist filters enabled? Also I wonder if there is anything in the SMSDOM logs.
0
 
brwwigginsIT ManagerCommented:
nevermind, found my own answer on the version in the logs :)

I did see this article from Symantec that was interesting (http://www.symantec.com/business/support/index?page=content&id=TECH97101&key=51977&actp=LIST)

also, do you know if the sender is sending signed/encrypted e-mail? I see this (250-AUTH LOGIN<CRLF>) in the log that leads me to believe so but I could be reading it wrong.

I would start looking at the SMSDOM logs and settings. There are some Symantec technotes regarding issues with malformed MIME and encrypted mail.

http://www.symantec.com/business/support/index?page=content&id=TECH143908

http://www.symantec.com/business/support/index?page=content&id=TECH146864&key=51977&actp=LIST

They're just a guess right now until you look at the SMSDOM logs
0
 
ITKNGAuthor Commented:
> You could try to up the timeout delay maybe
Timeout is defaulted to 5 minutes.  The multiplier set now at 3 makes it 15 minutes.

> How many mailboxes do you run on the server
One mailbox

> What version of SMSDOM are you running?
8.0.7.138; I really do not think it is a symantec issue as we tested this issue remains when SMSDOM is shutdown

> Do you have any third party blacklist filters enabled?
DNS Blacklist filters: Disabled
Private Blacklist filter: Disabled

> Also I wonder if there is anything in the SMSDOM logs.
Never any evidence of this.  

FYI - I feel SMSDOM does well as I also feel we get a great deal of spam for about 30 Internet Users.

> tell sav info
  Auto-Protect:
    EMail Scanning:             on
    Write Scanning:             on
  Mass-Mailer Cleanup:          on
  Security Risk Detection:      on
  Premium Antispam Services:    on
  Standard Antispam Service:    off
  Content Filtering:            off
  Multimedia-Executable analysis: on
  Outbreak Detection:           on
  Virus Definitions:            04/12/2011 rev. 003
  Spam Definitions:             07/29/2009
  Premium Antispam Rules:       04/13/11 07:14:04
  Last Threat Found:            04/12/2011 04:43:25 PM
    Description:                SMSDOM detected the threat Trojan.Malscript!html in database John's Mail...The document was QUARANTINED.
  Quarantined Documents:        28
    Unrestored:                 17
  Statistics Since:             03/25/2011 10:20:06 AM
    Auto-Protect:
      Files Infected:           19
      Files Repaired:           7
      Files Deleted:            8
      Files Unrepaired:         4
    Other Scans:
      Files Infected:           0
      Files Repaired:           0
      Files Deleted:            0
      Files Unrepaired:         0
    Mass-Mailer Cleanup:
      Messages Deleted:         0
    Security Risks Detected:    0
    Spam Mails Detected:        10725
    Scan Errors Detected:       54
  Current product license: FULL LICENSE. Final product license expiration: NONE.
  Current content license: FULL LICENSE. Final content license expiration: 04/02/2012.
  Current premium antispam license: FULL LICENSE. Final premium antispam license expiration: 04/02/2012.




0
 
ITKNGAuthor Commented:
How does one go about reaching a good resource at Comcast?
0
 
brwwigginsIT ManagerCommented:
SMSDOM is not a bad product. We use it where I work as well but just for the AV portion.

As for the comcast contact, the only suggestion I can offer is check out their Postmaster page (http://postmaster.comcast.net).

The only time i've ever personally run into something like this was with AOL who had blacklisted us but usually you see this when sending to comcast and not receiving.

You might have to open a support ticket with IBM and see if they can further help debug the error you are seeing

> 03/25/2011 05:24:50.66 PM [1FF4:000A-1994] SMTP CITask RecvErrorHandler> ERROR: (127.0.0.1) Receive failed (did not timeout), error = 0A02h (Remote system no longer responding)
03/25/2011 05:24:50.68 PM [1FF4:000A-1994] SMTP CITask RecvErrorHandler> Running default handler, error = 0A02h (Remote system no longer responding)


or up the debu level to 4 instead of 3
0
 
ITKNGAuthor Commented:
Found partial solution on my own.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.