Solved

exchange external email repeatedly blocked/undelivered

Posted on 2013-01-22
8
871 Views
Last Modified: 2013-02-13
Hello, there is a specific email address that is being returned from everyone who uses exchange. What can i do about this, where could it be getting blocked
0
Comment
Question by:mrbayIt
  • 4
  • 3
8 Comments
 
LVL 4

Expert Comment

by:webtechgal
ID: 38807980
You can check with your ISP first. Ask them to check the logs and see if they are blocking it at their router.
0
 
LVL 10

Expert Comment

by:ddiazp
ID: 38808393
Can you post the bounce messages they get? What's the smtp error code you see on these bounces? Is this email being routed via a contact object in AD? From the email server, can you successfully query for the MX record for that domain, and telnet to that server on port 25?
0
 

Accepted Solution

by:
mrbayIt earned 0 total points
ID: 38811868
Delivery has failed to these recipients or groups:

christy.levine@presencelearning.com
A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.

Diagnostic information for administrators:

Generating server: inbound.school.org

christy.levine@presencelearning.com
#< #5.0.0 X-Spam-&-Virus-Firewall; host presencelearning.com[50.97.213.210] said: 550-Please turn on SMTP Authentication in your mail client, or login to the 550-IMAP/POP3 server before sending your message. 550-apsaccess.school.org (inbound.school.org) 550-[75.59.196.196]:11275 is not permitted to relay through this server without 550 authentication. (in reply to RCPT TO command)> #SMTP#

Original message headers:

X-ASG-Debug-ID: 1358895570-03ba457845e8e700001-06K9AX
Received: from webmail.school.org
 (exchange.school.local [10.100.10.20]) by
 inbound.school.org with ESMTP id THieUuIF2DVpgvcL for
 <christy.levine@presencelearning.com>; Tue, 22 Jan 2013 14:59:30 -0800 (PST)
X-Barracuda-Envelope-From: admin@school.org
Received: from exchange.school.local ([::1]) by
 exchange.school.local ([::1]) with mapi id 14.01.0218.012; Tue,
 22 Jan 2013 14:59:30 -0800
From: admin <admin@school.org>
X-Barracuda-Apparent-Source-IP: ::1
To: "'christy.levine@presencelearning.com'"
      <christy.levine@presencelearning.com>
Subject:
Thread-Index: Ac349CF0YdEiNX6FRFaJ8gKJEJm/ng==
X-ASG-Orig-Subj:
Date: Tue, 22 Jan 2013 22:59:29 +0000
Message-ID: <A6463C0491A4354BA5787C6DB517DE72140CAC55@exchange.school.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.100.15.44]
Content-Type: multipart/alternative;
      boundary="_000_A6463C0491A4354BA5787C6DB517DE72140CAC55HOMX01aspirepub_"
MIME-Version: 1.0
X-Barracuda-Connect: exchange.school.local[10.100.10.20]
X-Barracuda-Start-Time: 1358895570
X-Barracuda-URL: http://barracuda.school.local:80/cgi-mod/mark.cgi
X-Virus-Scanned: by bsmtpd at school.org
X-Barracuda-Spam-Score: 1.30
X-Barracuda-Spam-Status: No, SCORE=1.30 using global scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=5.0 tests=HTML_MESSAGE, MISSING_SUBJECT, MISSING_SUBJECT_2
X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.120618
      Rule breakdown below
       pts rule name              description
      ---- ---------------------- --------------------------------------------------
      0.00 HTML_MESSAGE           BODY: HTML included in message
      0.01 MISSING_SUBJECT        Missing Subject: header
      1.28 MISSING_SUBJECT_2      Missing Subject: header
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 10

Expert Comment

by:ddiazp
ID: 38811955
So people inside your organization are trying to send emails to @presencelearning.com, these emails are intended to go out your exchange server but then you get a hard bounce.

Do you have a specific send-connector on exchange for this domain?

What's interesting is that mx records for presencelearning.com point to google (google apps, postini) but your exchange server is trying to connect to 50.97.213.210 (sanjose.accountservergroup.com) which requires to be authenticated before it allows you to send any email. Here's a test I did myself:


220-s2-sanjose.accountservergroup.com ESMTP Exim 4.80 #2 Wed, 23 Jan 2013 13:07
14 -0800
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
helo mail1.test.com
250 s2-sanjose.accountservergroup.com Hello mail1.test.com [x.x.x.x]
mail from: <alert@school.org>
250 OK
rcpt to: <jessie.james@presencelearning.com>
550-Please turn on SMTP Authentication in your mail client, or login to the
550-IMAP/POP3 server before sending your message.  (mail1.test.com)
550-[x.x.x.x]:44674 is not permitted to relay through this server without
550 authentication.

Open in new window



can you do an nslookup as follows on your exchange server?

nslookup
server 8.8.4.4
set type=mx
presencelearning.com

and show me what you get?
0
 

Author Comment

by:mrbayIt
ID: 38812070
wow sir you are a true exchange admin. Thank you for your help thus far.

We have a barracuda spam filter that intercepts all traffic to deal with spam. i am not sure if we have a send connector for exchange, if you tell me how i can find out for you.

Here is what i got from that test you ask me to run

Non-authoritative answer:
presencelearning.com    MX preference = 20, mail exchanger = ALT1.ASPMX.L.GOOGLE
.com
presencelearning.com    MX preference = 30, mail exchanger = ALT2.ASPMX.L.GOOGLE
.com
presencelearning.com    MX preference = 10, mail exchanger = ASPMX.L.GOOGLE.com
presencelearning.com    MX preference = 40, mail exchanger = aspmx2.googlemail.c
om
presencelearning.com    MX preference = 50, mail exchanger = aspmx3.googlemail.c
om
0
 

Author Comment

by:mrbayIt
ID: 38815684
any update sir?
0
 
LVL 10

Expert Comment

by:ddiazp
ID: 38817014
Sorry for the delay,

Can you repeat your nslookup query without the 'server 8.8.4.4' line? Didn't mean to add it on my previous request.

nslookup
set type=mx
presencelearning.com

Your barracuda seems fine, it's not the problem.


Did you inherit this system or did you set it up? Is the domain presencelearning.com affiliated to your company at all?


On your Exchange Console, can you expand the Organization->Hub Transport, go to 'Send Connectors' and for every Connector you see on that tab, right click, go to properties, and go to 'address space'. See if any of them refer to presencelearning.com or 50.97.213.210  or sanjose.accountservergroup.com?
0
 

Author Closing Comment

by:mrbayIt
ID: 38883806
e
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Utilizing an array to gracefully append to a list of EmailAddresses
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question