Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

exchange external email repeatedly blocked/undelivered

Posted on 2013-01-22
8
Medium Priority
?
943 Views
Last Modified: 2013-02-13
Hello, there is a specific email address that is being returned from everyone who uses exchange. What can i do about this, where could it be getting blocked
0
Comment
Question by:mrbayIt
  • 4
  • 3
8 Comments
 
LVL 4

Expert Comment

by:webtechgal
ID: 38807980
You can check with your ISP first. Ask them to check the logs and see if they are blocking it at their router.
0
 
LVL 10

Expert Comment

by:ddiazp
ID: 38808393
Can you post the bounce messages they get? What's the smtp error code you see on these bounces? Is this email being routed via a contact object in AD? From the email server, can you successfully query for the MX record for that domain, and telnet to that server on port 25?
0
 

Accepted Solution

by:
mrbayIt earned 0 total points
ID: 38811868
Delivery has failed to these recipients or groups:

christy.levine@presencelearning.com
A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.

Diagnostic information for administrators:

Generating server: inbound.school.org

christy.levine@presencelearning.com
#< #5.0.0 X-Spam-&-Virus-Firewall; host presencelearning.com[50.97.213.210] said: 550-Please turn on SMTP Authentication in your mail client, or login to the 550-IMAP/POP3 server before sending your message. 550-apsaccess.school.org (inbound.school.org) 550-[75.59.196.196]:11275 is not permitted to relay through this server without 550 authentication. (in reply to RCPT TO command)> #SMTP#

Original message headers:

X-ASG-Debug-ID: 1358895570-03ba457845e8e700001-06K9AX
Received: from webmail.school.org
 (exchange.school.local [10.100.10.20]) by
 inbound.school.org with ESMTP id THieUuIF2DVpgvcL for
 <christy.levine@presencelearning.com>; Tue, 22 Jan 2013 14:59:30 -0800 (PST)
X-Barracuda-Envelope-From: admin@school.org
Received: from exchange.school.local ([::1]) by
 exchange.school.local ([::1]) with mapi id 14.01.0218.012; Tue,
 22 Jan 2013 14:59:30 -0800
From: admin <admin@school.org>
X-Barracuda-Apparent-Source-IP: ::1
To: "'christy.levine@presencelearning.com'"
      <christy.levine@presencelearning.com>
Subject:
Thread-Index: Ac349CF0YdEiNX6FRFaJ8gKJEJm/ng==
X-ASG-Orig-Subj:
Date: Tue, 22 Jan 2013 22:59:29 +0000
Message-ID: <A6463C0491A4354BA5787C6DB517DE72140CAC55@exchange.school.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.100.15.44]
Content-Type: multipart/alternative;
      boundary="_000_A6463C0491A4354BA5787C6DB517DE72140CAC55HOMX01aspirepub_"
MIME-Version: 1.0
X-Barracuda-Connect: exchange.school.local[10.100.10.20]
X-Barracuda-Start-Time: 1358895570
X-Barracuda-URL: http://barracuda.school.local:80/cgi-mod/mark.cgi
X-Virus-Scanned: by bsmtpd at school.org
X-Barracuda-Spam-Score: 1.30
X-Barracuda-Spam-Status: No, SCORE=1.30 using global scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=5.0 tests=HTML_MESSAGE, MISSING_SUBJECT, MISSING_SUBJECT_2
X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.120618
      Rule breakdown below
       pts rule name              description
      ---- ---------------------- --------------------------------------------------
      0.00 HTML_MESSAGE           BODY: HTML included in message
      0.01 MISSING_SUBJECT        Missing Subject: header
      1.28 MISSING_SUBJECT_2      Missing Subject: header
0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 
LVL 10

Expert Comment

by:ddiazp
ID: 38811955
So people inside your organization are trying to send emails to @presencelearning.com, these emails are intended to go out your exchange server but then you get a hard bounce.

Do you have a specific send-connector on exchange for this domain?

What's interesting is that mx records for presencelearning.com point to google (google apps, postini) but your exchange server is trying to connect to 50.97.213.210 (sanjose.accountservergroup.com) which requires to be authenticated before it allows you to send any email. Here's a test I did myself:


220-s2-sanjose.accountservergroup.com ESMTP Exim 4.80 #2 Wed, 23 Jan 2013 13:07
14 -0800
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
helo mail1.test.com
250 s2-sanjose.accountservergroup.com Hello mail1.test.com [x.x.x.x]
mail from: <alert@school.org>
250 OK
rcpt to: <jessie.james@presencelearning.com>
550-Please turn on SMTP Authentication in your mail client, or login to the
550-IMAP/POP3 server before sending your message.  (mail1.test.com)
550-[x.x.x.x]:44674 is not permitted to relay through this server without
550 authentication.

Open in new window



can you do an nslookup as follows on your exchange server?

nslookup
server 8.8.4.4
set type=mx
presencelearning.com

and show me what you get?
0
 

Author Comment

by:mrbayIt
ID: 38812070
wow sir you are a true exchange admin. Thank you for your help thus far.

We have a barracuda spam filter that intercepts all traffic to deal with spam. i am not sure if we have a send connector for exchange, if you tell me how i can find out for you.

Here is what i got from that test you ask me to run

Non-authoritative answer:
presencelearning.com    MX preference = 20, mail exchanger = ALT1.ASPMX.L.GOOGLE
.com
presencelearning.com    MX preference = 30, mail exchanger = ALT2.ASPMX.L.GOOGLE
.com
presencelearning.com    MX preference = 10, mail exchanger = ASPMX.L.GOOGLE.com
presencelearning.com    MX preference = 40, mail exchanger = aspmx2.googlemail.c
om
presencelearning.com    MX preference = 50, mail exchanger = aspmx3.googlemail.c
om
0
 

Author Comment

by:mrbayIt
ID: 38815684
any update sir?
0
 
LVL 10

Expert Comment

by:ddiazp
ID: 38817014
Sorry for the delay,

Can you repeat your nslookup query without the 'server 8.8.4.4' line? Didn't mean to add it on my previous request.

nslookup
set type=mx
presencelearning.com

Your barracuda seems fine, it's not the problem.


Did you inherit this system or did you set it up? Is the domain presencelearning.com affiliated to your company at all?


On your Exchange Console, can you expand the Organization->Hub Transport, go to 'Send Connectors' and for every Connector you see on that tab, right click, go to properties, and go to 'address space'. See if any of them refer to presencelearning.com or 50.97.213.210  or sanjose.accountservergroup.com?
0
 

Author Closing Comment

by:mrbayIt
ID: 38883806
e
0

Featured Post

Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you looking for the options available for exporting EDB files to PST? You may be confused as they are different in different Exchange versions. Here, I will discuss some options available.
If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
how to add IIS SMTP to handle application/Scanner relays into office 365.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question