Can't email one external domain

Posted on 2012-09-05
Last Modified: 2013-01-08
We have an issue trying to send email to one external domain.  This domain has a primary and secondary mail server.  They do not have a load balancer.  When email is received by the primary, email always transmits.  When it’s received by the secondary, a connection is never made and the email is returned non-deliverable.  What I'm not sure of why mail is trying to connect to the secondary and not the primary all the time.  I don’t know what mechanism controls this.  I’ve worked with the receiving domain admin, but the issue continues and I’m at a loss.  

Our environment:
Exchange 2010 with DAG on VMware
Barracuda Spam Firewall where both inbound and outbound email travels through.  
ASA 5510 Firewall

Here’s what I’ve done:
•      Confirmed our firewall is not inspecting outbound SMTP traffic.  
•      Confirmed there is no issue when mail is received by primary mail server
•      Confirmed the issue only happens when mail is received by secondary mail server
•      Confirmed both mail servers can be resolved using internal and external DNS
•      Bypassed our Barracuda Spam firewall with a direct scoped Exchange send connector to the receiving domain (Normally all outbound mail goes through our Barracuda spam firewall)
•      Confirmed there is an issue when making telnet connections on port 25 to both servers from our email servers.  The initial connection always fails.  The second attempt is always successful.  
•      Confirmed with Barracuda Support there is not configuration issue with our spam server that would prevent the connection  
•      Confirmed that this is the only domain we have this issue with.  
Any help much appreciated!  
Question by:ColerAdmin
    LVL 52

    Expert Comment

    by:Manpreet SIngh Khatra
    SO you mean that the emails go fine when sent by one HUB whereas other HUB is delaying the emails ?
    If one domain i dont think there is much at your end to be very true :)

    You can test your Inbound and Outbound with

    - Rancy

    Author Comment

    Yeah, when email is received by their "Secondary" server, the initial connection is never made so the email will hang in our queue trying to make a connection and eventually be returned.  At this point, I'm trying to rule out our side being the cause as much as possible.  
    I tested both inbound and outbound on our and their domains.  Both successful.  Strange one for sure.  Thx
    LVL 63

    Expert Comment

    by:Simon Butler (Sembee)
    Have you turned off the SMTP scanning feature - mailguard or whatever Cisco call it now, on the ASA?  Such a common problem, MS have it in their KB:


    Author Comment

    Yes. Smtp outbound inspection was turned off using the "no fixup protocol smtp 25" command on our ASA.  Odd thing about it is, no issue when transmission is made to primary server.   Thx.
    LVL 52

    Accepted Solution

    Agree its strange but if for some reason my external\gateway server sometimes unable to connect or drops session and that 2 with only one External domain .... i would surely want them to have a look into their Env as my server will never be Bias with anyone :)

    - Rancy

    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    Join & Write a Comment

    Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
    Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
    In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
    The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now