Solved

exchange external email repeatedly blocked/undelivered

Posted on 2013-01-22
8
864 Views
Last Modified: 2013-02-13
Hello, there is a specific email address that is being returned from everyone who uses exchange. What can i do about this, where could it be getting blocked
0
Comment
Question by:mrbayIt
  • 4
  • 3
8 Comments
 
LVL 4

Expert Comment

by:webtechgal
ID: 38807980
You can check with your ISP first. Ask them to check the logs and see if they are blocking it at their router.
0
 
LVL 10

Expert Comment

by:ddiazp
ID: 38808393
Can you post the bounce messages they get? What's the smtp error code you see on these bounces? Is this email being routed via a contact object in AD? From the email server, can you successfully query for the MX record for that domain, and telnet to that server on port 25?
0
 

Accepted Solution

by:
mrbayIt earned 0 total points
ID: 38811868
Delivery has failed to these recipients or groups:

christy.levine@presencelearning.com
A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.

Diagnostic information for administrators:

Generating server: inbound.school.org

christy.levine@presencelearning.com
#< #5.0.0 X-Spam-&-Virus-Firewall; host presencelearning.com[50.97.213.210] said: 550-Please turn on SMTP Authentication in your mail client, or login to the 550-IMAP/POP3 server before sending your message. 550-apsaccess.school.org (inbound.school.org) 550-[75.59.196.196]:11275 is not permitted to relay through this server without 550 authentication. (in reply to RCPT TO command)> #SMTP#

Original message headers:

X-ASG-Debug-ID: 1358895570-03ba457845e8e700001-06K9AX
Received: from webmail.school.org
 (exchange.school.local [10.100.10.20]) by
 inbound.school.org with ESMTP id THieUuIF2DVpgvcL for
 <christy.levine@presencelearning.com>; Tue, 22 Jan 2013 14:59:30 -0800 (PST)
X-Barracuda-Envelope-From: admin@school.org
Received: from exchange.school.local ([::1]) by
 exchange.school.local ([::1]) with mapi id 14.01.0218.012; Tue,
 22 Jan 2013 14:59:30 -0800
From: admin <admin@school.org>
X-Barracuda-Apparent-Source-IP: ::1
To: "'christy.levine@presencelearning.com'"
      <christy.levine@presencelearning.com>
Subject:
Thread-Index: Ac349CF0YdEiNX6FRFaJ8gKJEJm/ng==
X-ASG-Orig-Subj:
Date: Tue, 22 Jan 2013 22:59:29 +0000
Message-ID: <A6463C0491A4354BA5787C6DB517DE72140CAC55@exchange.school.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.100.15.44]
Content-Type: multipart/alternative;
      boundary="_000_A6463C0491A4354BA5787C6DB517DE72140CAC55HOMX01aspirepub_"
MIME-Version: 1.0
X-Barracuda-Connect: exchange.school.local[10.100.10.20]
X-Barracuda-Start-Time: 1358895570
X-Barracuda-URL: http://barracuda.school.local:80/cgi-mod/mark.cgi
X-Virus-Scanned: by bsmtpd at school.org
X-Barracuda-Spam-Score: 1.30
X-Barracuda-Spam-Status: No, SCORE=1.30 using global scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=5.0 tests=HTML_MESSAGE, MISSING_SUBJECT, MISSING_SUBJECT_2
X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.120618
      Rule breakdown below
       pts rule name              description
      ---- ---------------------- --------------------------------------------------
      0.00 HTML_MESSAGE           BODY: HTML included in message
      0.01 MISSING_SUBJECT        Missing Subject: header
      1.28 MISSING_SUBJECT_2      Missing Subject: header
0
 
LVL 10

Expert Comment

by:ddiazp
ID: 38811955
So people inside your organization are trying to send emails to @presencelearning.com, these emails are intended to go out your exchange server but then you get a hard bounce.

Do you have a specific send-connector on exchange for this domain?

What's interesting is that mx records for presencelearning.com point to google (google apps, postini) but your exchange server is trying to connect to 50.97.213.210 (sanjose.accountservergroup.com) which requires to be authenticated before it allows you to send any email. Here's a test I did myself:


220-s2-sanjose.accountservergroup.com ESMTP Exim 4.80 #2 Wed, 23 Jan 2013 13:07
14 -0800
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
helo mail1.test.com
250 s2-sanjose.accountservergroup.com Hello mail1.test.com [x.x.x.x]
mail from: <alert@school.org>
250 OK
rcpt to: <jessie.james@presencelearning.com>
550-Please turn on SMTP Authentication in your mail client, or login to the
550-IMAP/POP3 server before sending your message.  (mail1.test.com)
550-[x.x.x.x]:44674 is not permitted to relay through this server without
550 authentication.

Open in new window



can you do an nslookup as follows on your exchange server?

nslookup
server 8.8.4.4
set type=mx
presencelearning.com

and show me what you get?
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:mrbayIt
ID: 38812070
wow sir you are a true exchange admin. Thank you for your help thus far.

We have a barracuda spam filter that intercepts all traffic to deal with spam. i am not sure if we have a send connector for exchange, if you tell me how i can find out for you.

Here is what i got from that test you ask me to run

Non-authoritative answer:
presencelearning.com    MX preference = 20, mail exchanger = ALT1.ASPMX.L.GOOGLE
.com
presencelearning.com    MX preference = 30, mail exchanger = ALT2.ASPMX.L.GOOGLE
.com
presencelearning.com    MX preference = 10, mail exchanger = ASPMX.L.GOOGLE.com
presencelearning.com    MX preference = 40, mail exchanger = aspmx2.googlemail.c
om
presencelearning.com    MX preference = 50, mail exchanger = aspmx3.googlemail.c
om
0
 

Author Comment

by:mrbayIt
ID: 38815684
any update sir?
0
 
LVL 10

Expert Comment

by:ddiazp
ID: 38817014
Sorry for the delay,

Can you repeat your nslookup query without the 'server 8.8.4.4' line? Didn't mean to add it on my previous request.

nslookup
set type=mx
presencelearning.com

Your barracuda seems fine, it's not the problem.


Did you inherit this system or did you set it up? Is the domain presencelearning.com affiliated to your company at all?


On your Exchange Console, can you expand the Organization->Hub Transport, go to 'Send Connectors' and for every Connector you see on that tab, right click, go to properties, and go to 'address space'. See if any of them refer to presencelearning.com or 50.97.213.210  or sanjose.accountservergroup.com?
0
 

Author Closing Comment

by:mrbayIt
ID: 38883806
e
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
how to add IIS SMTP to handle application/Scanner relays into office 365.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now