Can't email one external domain

Posted on 2012-09-05
Medium Priority
Last Modified: 2013-01-08
We have an issue trying to send email to one external domain.  This domain has a primary and secondary mail server.  They do not have a load balancer.  When email is received by the primary, email always transmits.  When it’s received by the secondary, a connection is never made and the email is returned non-deliverable.  What I'm not sure of why mail is trying to connect to the secondary and not the primary all the time.  I don’t know what mechanism controls this.  I’ve worked with the receiving domain admin, but the issue continues and I’m at a loss.  

Our environment:
Exchange 2010 with DAG on VMware
Barracuda Spam Firewall where both inbound and outbound email travels through.  
ASA 5510 Firewall

Here’s what I’ve done:
•      Confirmed our firewall is not inspecting outbound SMTP traffic.  
•      Confirmed there is no issue when mail is received by primary mail server
•      Confirmed the issue only happens when mail is received by secondary mail server
•      Confirmed both mail servers can be resolved using internal and external DNS
•      Bypassed our Barracuda Spam firewall with a direct scoped Exchange send connector to the receiving domain (Normally all outbound mail goes through our Barracuda spam firewall)
•      Confirmed there is an issue when making telnet connections on port 25 to both servers from our email servers.  The initial connection always fails.  The second attempt is always successful.  
•      Confirmed with Barracuda Support there is not configuration issue with our spam server that would prevent the connection  
•      Confirmed that this is the only domain we have this issue with.  
Any help much appreciated!  
Question by:ColerAdmin
  • 2
  • 2
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38368029
SO you mean that the emails go fine when sent by one HUB whereas other HUB is delaying the emails ?
If one domain i dont think there is much at your end to be very true :)

You can test your Inbound and Outbound with

- Rancy

Author Comment

ID: 38368142
Yeah, when email is received by their "Secondary" server, the initial connection is never made so the email will hang in our queue trying to make a connection and eventually be returned.  At this point, I'm trying to rule out our side being the cause as much as possible.  
I tested both inbound and outbound on our and their domains.  Both successful.  Strange one for sure.  Thx
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38369935
Have you turned off the SMTP scanning feature - mailguard or whatever Cisco call it now, on the ASA?  Such a common problem, MS have it in their KB:


Author Comment

ID: 38370056
Yes. Smtp outbound inspection was turned off using the "no fixup protocol smtp 25" command on our ASA.  Odd thing about it is, no issue when transmission is made to primary server.   Thx.
LVL 52

Accepted Solution

Manpreet SIngh Khatra earned 1500 total points
ID: 38370079
Agree its strange but if for some reason my external\gateway server sometimes unable to connect or drops session and that 2 with only one External domain .... i would surely want them to have a look into their Env as my server will never be Bias with anyone :)

- Rancy

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question