SBS2011 exchange server not receiving SOME e-mail

Posted on 2012-08-21
Medium Priority
Last Modified: 2012-08-28
We have a single sbs2011 server runing exchange, and is working pretty well for most things. However, we have some mail going astray, ie being sent by a couple of our clients, which never seems to arrive.

I have checked blacklists and SPAM settings, but everything seems OK.

On checking with mxtoolbox.com we get the following responses :-

220 remote.styleww.co.uk Microsoft ESMTP MAIL Service ready at Tue, 21 Aug 2012 11:23:16 +0100
OK - resolves to 80-45-15-236.static.dsl.as9105.com
Warning - Reverse DNS does not match SMTP Banner
 OK - Supports TLS.
 0 seconds - Good on Connection time
 OK - Not an open relay.
 5.897 seconds - Warning on Transaction Time
Session Transcript:

EHLO please-read-policy.mxtoolbox.com
 250-remote.styleww.co.uk Hello []
 250-SIZE 10485760
 250 CHUNKING [156 ms]
 MAIL FROM: <supertool@mxtoolbox.com>
 250 2.1.0 Sender OK [156 ms]
 RCPT TO: <test@example.com>
 550 5.7.1 Unable to relay [5148 ms]
 221 2.0.0 Service closing transmission channel [140 ms]
Am I correct in that the line :-

OK - resolves to 80-45-15-236.static.dsl.as9105.com

should result in our mail server name, ie not 80-45-15-236.ststaic.dsl.as9105.com, but remote.styleww.co.uk??

I have checked our own server smtp settings and all seem to be ok, but somone pointed me to get our service provider (talktalk) to add a reverse PTR to our account, but unfortunately, they do not seem to know what I am asking for.

Can anyone confirm whether I am on the right track here, and if so, what specifically do I need to ask for??

Any help gratefully received.

Many thanks.
Question by:nigelbeatson
  • 5
  • 3
LVL 52

Accepted Solution

Manpreet SIngh Khatra earned 2000 total points
ID: 38315720
Reverse DNS does not match SMTP Banner - Do you have a PTR record ?

As your service provider to check with MX and create PTR :) .... if the guy doesnt know ask him to get someone from Networking/DNS team or escalation :)

- Rancy

Author Comment

ID: 38315815
I do not know if we have a revers PTR. I have taken over this server which has historically had this problem. I do not know how to access the ISP DNS, but no doubt I can get this information if we need it. I seem to recall though that in previous ocasions, this was something that the ISP had to do? Can you confirm?

I have hit a stone wall with TalkTalk support. They only seem to offer basic levels of support and when asked to escalate, he spoke with his manager who also did not know what I was talking about. I do not seem to be able to get past the first level support team.

Do you think I am on the right track though?? I am happy to persist if you think that this is the answer. I have asked other service providers to do this for me before, and they just asked for e-mail confirmation and it was done within a day or so.

Do you think that this will resolve our issue of the missing mail??

LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38315847
I do not know how to access the ISP DNS - no once can they have to make changes.

I seem to recall though that in previous ocasions, this was something that the ISP had to do? Can you confirm? - Yes

maybe this current ISP isnt capable of anything :) So ask them to get more techincal person and share the error with them

Warning - Reverse DNS does not match SMTP Banner

Do you think that this will resolve our issue of the missing mail??- Possible

Ohk tell me this ..... if you dont see the email hit your Organization sender will get some NDR and we can try to work over it apart from that if an email doesnt hit your Organization gateway servers there isnt anything we can do :(

- Rancy
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.


Author Comment

ID: 38315865
I will persist with TalkTalk (the ISP) to see if they can do this.

Unfortunately the sender does not receive an NDR, which has been the biggest part of the problem, as they are presuming we have recieved the e-mails (usually orders) and we get nothing, so we did not know they had sent them. This is obviously a very big problem for us, as they are one of our best customers!

We are using the ORF anti spam software on our server, which logs ALL incomming mail, so we know it is not actually getting to us, but when I research the mxtoolbox.com diagnosis the fact that the reverse DNS does not match the SMTP banner, it indicates that it can cause this kind of problem.

It is the only thing that I can see that is even remotely a problem.

Thanks for your assistance.
LVL 22

Expert Comment

by:David Atkin
ID: 38316676

I don't believe that the Reverse DNS is the issue.  I have a couple of customers who can't change the rDNS due to ISP restrictions - They don't have any problems.

Open the Exchange Management Console, go into Toolbox and use the tracking log explorer tool to see if you are actually reverencing the mail or not.

As a test, disable your ORF anti-Spam and ask your client to send a test email.

Check your clients domains on MXtoolbox and see if they are blacklisted.  May as well do the same for your own domain - Just to be sure.

If you can talk to your customers IT company, it maybe worth asking them to do an nslookup from their office and then telenet your server on port 25 to see if it actually gets a response.

Author Comment

ID: 38320980
The problem only relates to a couple of clients that we know about. It is just unfortunate that it is one of their better ones that we are having problems with.

I have managed to get the call escalated now, and it sounds like we are moving in the right direction. The error reported from mxtoolbox.com is the only problem area I can find, but if the new revers PTR does not fix it, we will have to resort to getting our client to track their message, as suggested earlier in this incident.

Our domain is not ony blacklists I can find, and if the work in hand does not produce any improvement, we will have to start checking their domain name too.

I will et you know as and when we get the PTR put in place, and what the outcome is.

Thanks to all.
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38321066
Make sure you get the Esclation guys to see what the Warning says on the mxtoolbox  .... maybe they might have some understand of it :)

No harm in getting them into this as well :)

- Rancy

Author Comment

ID: 38321077
Yes, thanks. I provided them with full details of the MXTOOLBOX.com report, so hopefully they will be able to check this too.

Many thanks.

Author Closing Comment

ID: 38340705
Many thanks.

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today as you open your Outlook, you witness an error message: “Outlook is using an old copy of your Outlook Data File…”. Probably, Outlook is accessing an old OST file.
Exchange administrators are always vigilant about Exchange crashes and disasters that are possible any time. It is quite essential to identify the symptoms of a possible Exchange issue and be prepared with a proper recovery plan. There are multiple…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses
Course of the Month13 days, 22 hours left to enroll

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question