exchange 2003 / delayed emails to specific domains

Hey guys,

Running Exchange 2003 SP2

The only change I made on my client's network was switching over from Verizon DSL to Verizon FiOS. Yes, the IP addresses are different. I spoke with Verizon and had a reverse DNS entry created for the mail servers IP. I am having an issue with a few domains we are trying to email since the switch, and also weird items in the event logs as such:

This is an SMTP protocol warning log for virtual server ID 1, connection #3. The remote host "xxx.xxx.xxx.xxx", responded to the SMTP command "rcpt" with "421 4.7.1 <user@user.com>: Recipient address rejected: Can't accept mail while inactive.  ". The full command sent was "RCPT TO:<user@user.com>  ".  This may cause the connection to fail.

The items are sitting in the queue continuously retrying. Eventually they'll bounce back (though I haven't read one of the bounce back messages yet).

I am not on any blacklists whatsoever.

Any ideas? Can you help point me in the right direction?
LVL 3
tamaneriAsked:
Who is Participating?
 
AmitConnect With a Mentor IT ArchitectCommented:
DNS changes can take upto 3days to replicate globally. Leave it for few days and then check again.
0
 
rscottvanConnect With a Mentor Commented:
The mail is being rejected by the recipient's mailserver.  This usually means they believe the sender is a spammer.  Have a look here for a good explanation.
http://group-mail.com/email-error-codes/server-says-421-4-7-1-sender-address-rejected-account-disabled/

See if different internal senders can send to the recipient.  If other internal senders are successful, verify the client configuration (things like "from" and "reply to" addresses match.)

See if you can send from a gmail or yahoo or other third party account to the recipient.

Once you know if any of these senders works, you may need to contact the recipient domain mail admin to get removed from their internal blacklist.
0
 
tamaneriAuthor Commented:
@amitkulshrestha -- it's been well over a week and the issue still persists.

@rscottvan -- This is only one particular domain that shows up in the event logs with this error. There are a few other domains where the messages are being delayed before actually being sent. The issue is still occurring.

Any ideas?
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
rscottvanConnect With a Mentor Commented:
Did you try sending from different local email addresses?  You need to pin this down to determine if it's only mail from an individual, or mail from any sender.

I think you'll need to contact the mail administrator at the far end and have them whitelist your domain or sender.
0
 
tamaneriAuthor Commented:
I've had no issues sending to these domains until we did an ISP switch (and our IP address changed as a result). So I would assume the issue would be on my end.

I did try sending from multiple inside addresses, the result(s) are the same :(
0
 
rscottvanConnect With a Mentor Commented:
The specific error you're receiving usually indicates you're blocked by the receiving mail server.  It's possible your mailserver's new IP is on an old internal blacklist of the receiving mailserver.

Does your domain have an SPF record?  If you post your domain name, I'll have a look at the DNS records to be sure they're configured correctly.
0
 
tamaneriAuthor Commented:
I was looking again through the event logs and noticed this:

This is an SMTP protocol error log for virtual server ID 1, connection #300. The remote host "12.102.252.75", responded to the SMTP command "mail" with "521-xx.xx.xx.xx blocked by sbc:blacklist.mailrelay.att.net.  521 DNSRBL: Blocked for abuse. See http://att.net/blocks  ". The full command sent was "MAIL FROM:<email@mail.com> SIZE=26626  ".  This will probably cause the connection to fail.

These weren't in the logs last week, but nonetheless this could be causing a lot of the issues. No idea why changing my mail servers IP address would cause this... but hey.

Confirmed I'm not a relay, i'm on no other blacklists (according to mxtoolbox) and my mail server is on a different public IP than anything else on the network. checked e-mail queues on exchange and they are clean.



Submitted to AT&T to have me removed, hopefully this works.
0
 
tamaneriAuthor Commented:
@rscottvan -- domain name is applause-tickets.com

I use mail.applause-tickets.com for the mail server. Thanks so much!
0
 
rscottvanCommented:
OK, I think the problem is that the recipient server is doing SPF validation and your SPF record is wrong.  Here is your record:

applause-tickets.com.   2920    IN      TXT     "v=spf1 ip4:66.96.128.0/18 ?all"

The ip4 address range in the record needs to include your mailserver IP Address.  This would do in place of the current record, so long as all your outbound mail comes from a single IP:

applause-tickets.com.   2920    IN      TXT     "v=spf1 ip4:96.250.68.43/32 ?all"


SPF Overview
0
 
tamaneriAuthor Commented:
@rscottvan thanks again, I really appreciate it. I just modified the record, hopefully this puts the issue to bed! I'll report back.
0
 
tamaneriAuthor Commented:
Okay, so the record as been created and propagated. Also, according to AT&T, we've been removed from their blacklist.

Still having issues sending to a few domains though. Any other ideas? They'll stay in the queue continuously retrying. They will finally send though after about 2 days.
0
 
tamaneriAuthor Commented:
Anyone?
0
 
tamaneriAuthor Commented:
We switched off Exchange 2003 and went with Hosted Exchange by M$... no more issues.
0
All Courses

From novice to tech pro — start learning today.