Link to home
Start Free TrialLog in
Avatar of Jesse Turner
Jesse TurnerFlag for United States of America

asked on

Exchange 2003 There was a SMTP communication problem with recipients email server NDR's

I've been having several users randomly getting these bounce backs about an SMTP communication problem with the recipients email server, some say sorry, no mailbox here by that name, some say please turn on SMTP authentication in your mail client.

When tracking the message in the System Manager it never shows it leaves our Exchange server just gives the NDR.

I went to check the event logs and saw that there was a DCOM error 10009 saying it was unable to communicate with the computer abc.bigfish.com using any of the configured protocols.

Its interesting because the user can send it out again and it will eventually go.

So why is this happening and what could be causing it.

Thank you
Avatar of Postmaster
Postmaster
Flag of Australia image

Check the address being used. Remove any cached addresses (when auto-fill shows address use cursor to highlight and hit delete key).

Contact entries can become corrupt - they look OK, but Exchagne cannot figure out the delivery type.

Enter full SMTP from scratch, and if this works then re-make the contact address.
As said abve,,  type the address manually instead of selecting from cached memory.

Do u use any smarthost for sending emails..?
Check whether ur IP has reverse DNS and make sure it is not in RBL here .

If u are using some Antivirus, disable it for some time and check..
Post the NDR's here, next time.
Avatar of Jesse Turner

ASKER

The remote user said they deleted the entry from the N2K Cache but still having the same results with NDR

No smarthost for sending mail, just exchange 2003 server

Yes it does have reverse dns and its not RBL I checked it on mxtoolbox.com and everything is fine.

I do use Symantec Mail security but nothing is showing up in there for this



Your message did not reach some or all of the intended recipients.

      Subject:      GIS SIPP
      Sent:      5/22/2013 9:55 AM

The following recipient(s) cannot be reached:

      Robert Beck on 5/22/2013 9:55 AM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            <mail.company.com #5.5.0 smtp;550-Please turn on SMTP Authentication in your mail client, or login to the>
Update on this one: It is happening ot other users, I actually have another user that is getting these same NDR's however I just gave them a new Laptop with a brand new profile setup on Outlook 2007 and didn't copy over there previous N2K file so they had to manually type in the email address, they were sending to domain @ua290.org and I looked it up on MXtoolbox and it looks reputible. What could be causing this NDR messages from my server?????

Your message did not reach some or all of the intended recipients.

      Subject:      Accepted: Meet w/ Jeff from       Sent:      5/24/2013 12:24 PM

The following recipient(s) cannot be reached:

      Johndo@ua290.org on 5/24/2013 12:24 PM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            <mail.christenson.com #5.5.0 smtp;550-Please turn on SMTP Authentication in your mail client, or login to the>


Nothing in the Exchange Event Logs shows anything for this and when using ESM to track the message all it shows is that the SMTP: Message routed and queued for remote delivery then it Starts the Outbound Transfer of Message and then the NDR is generated.
Here is the SMTP log that shows the last NDR, its weird because I don't know who richardndd@mydomain.com is, there not a registered user on our domain and right after that it shows Please+turn+on+SMTP+Authentication+in+your+mail+client,+or+login+to+the 0 0 75 0 5468 SMTP - - - -

Can someone help me on this one?


2013-05-24 19:24:09 207.58.131.161 OutboundConnectionResponse SMTPSVC1 SFO-EX01 - 25 - - 220-polaris.tundradns.com+ESMTP+Exim+4.80+#2+Fri,+24+May+2013+12:24:09+-0700+ 0 0 77 0 93 SMTP - - - -
2013-05-24 19:24:09 207.58.131.161 OutboundConnectionCommand SMTPSVC1 SFO-EX01- 25 EHLO - mail.mydomain.com 0 0 4 0 93 SMTP - - - -
2013-05-24 19:24:09 207.58.131.161 OutboundConnectionResponse SMTPSVC1 SFO-EX01- 25 - - 250-polaris.tundradns.com+Hello+mail.mydomain.com+[199.3.195.254] 0 0 68 0 172 SMTP - - - -
2013-05-24 19:24:09 207.58.131.161 OutboundConnectionCommand SMTPSVC1 SFO-EX01- 25 MAIL - FROM:<Jeff.Macomb@mydomain.com>+SIZE=2748 0 0 4 0 172 SMTP - - - -
2013-05-24 19:24:09 207.58.131.161 OutboundConnectionResponse SMTPSVC1 SFO-EX01 - 25 - - 250+OK 0 0 6 0 265 SMTP - - - -
2013-05-24 19:24:09 207.58.131.161 OutboundConnectionCommand SMTPSVC1 SFO-EX01 - 25 RCPT - TO:<johndo@ua290.org> 0 0 4 0 265 SMTP - - - -
2013-05-24 19:24:09 10.128.160.9 gateway.mydomain.com SMTPSVC1 SFO-EX01 10.128.200.7 0 RCPT - +TO:<richardndd@mydomain.com> 550 0 0 36 0 SMTP - - - -
2013-05-24 19:24:14 207.58.131.161 OutboundConnectionResponse SMTPSVC1 SFO-EX01- 25 - - 550-Please+turn+on+SMTP+Authentication+in+your+mail+client,+or+login+to+the 0 0 75 0 5468 SMTP - - - -
2013-05-24 19:24:14 207.58.131.161 OutboundConnectionCommand SMTPSVC1 SFO-EX01 - 25 RSET - - 0 0 4 0 5468 SMTP - - - -
2013-05-24 19:24:14 207.58.131.161 OutboundConnectionResponse SMTPSVC1 SFO-EX01- 25 - - 250+Reset+OK 0 0 12 0 5547 SMTP - - - -
2013-05-24 19:24:14 207.58.131.161 OutboundConnectionCommand SMTPSVC1 SFO-EX01 - 25 QUIT - - 0 0 4 0 5578 SMTP - - - -
2013-05-24 19:24:14 207.58.131.161 OutboundConnectionResponse SMTPSVC1 SFO-EX01- 25 - - 221+polaris.tundradns.com+closing+connection 0 0 44 0 5656 SMTP - - - -
Well it doesn't seem to be happening anymore, perhaps the users just stopped telling me and just dealing with it.

anybody have any thoughts still on this one?
Nope - odd
Ok so interesting enough, I had a user just get this same message again today and notified me, once he gets the bounce back message he just resends the same message and it goes through.

In ESM message tracking it shows that one message was NDR and then it shows the other message as transferred to outside domain (asp.reflexion.net)

So I went into the Event viewer and I saw this event in the System:

Source: DCOM
EVENT ID: 10009
DCOM was unable to communicate with the computer asp.relexion.net using any of the configured protocols.

It seems like its timing us out and dropping the connection.

Any ideas on that?
So I looked more into the SMTP logs and found another interesting key to this head scratcher.

It shows our Outbound connection response connecting to the companies WWW address (there website)

But then after sending the email again it connnects to the correct Mail Server.

Why would it attempt to connect to there Website IP address and not the Mail Server IP address?
Here is the first email showing its trying to connect to their website IP address:

2013-06-28 13:38:32 174.132.167.154 OutboundConnectionResponse SMTPSVC1  - 25 - - 220-gator706.hostgator.com+ESMTP+Exim+4.80+#2+Fri,+28+Jun+2013+08:38:32+-0500+ 0 0 78 0 47 SMTP - - - -


Here is the second email with the correct connection to their mail server:

2013-06-28 13:39:19 69.84.129.233 OutboundConnectionResponse SMTPSVC1  - 25 - - 220+asp.reflexion.net+mail-is-03+ESMTP 0 0 38 0 94 SMTP - - - -
ASKER CERTIFIED SOLUTION
Avatar of Jesse Turner
Jesse Turner
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I had to call Microsoft Tech Support for the answer
Avatar of bossagroup
bossagroup

Thanks - I had old DNS forwarders in the system that were no longer being used, this post helped
Thanks, this helped confirm my suspicion around DNS. The domain I was trying to send to had 2 MX records with the same priority setting and one of the MX records was incorrect. Our DNS cache had the incorrect MX record as the primary. Once the correct MX record was set as higher priority (lower preference), mail was delivered correctly.