Why: 400 4.4.7 Message Delayed

Exchange 2007 Enterprise SP3 Rollup 11.
Windows Server 2008 Enterprise

Let me state first that we are not experiencing any chronic delivery issues, delays or NDRs in our queues.  However, we have a particular issue with one domain where emails will not be delivered.  When trying to telnet to the mail server (mail.webpage.t-com.de) I get the following error:

554 - A problem occurred. (Ask your postmaster for help or to contact tosa@rx.t-online.de to clarify.) (BL)  Connection to host lost.

In my Exchange Queue Viewer I have a test message sitting there with a 400.4.4.7 Message delayed.

All of this is very ambiguous.  My question is, How do you find a more defined cause of why messaged or delayed or not delivered?  How can we tell if its because of a black list, or non PTR record or any number of reasons why a message may be dropped or not delivered?  I looked through the SMTP logs but can not find this message that is currently in the queue delayed.

I would like to see something that say, "Hey, Buddy.  We could not deliver your message because the receiving server is a dolt and thinks your message is coming from a SPAM IP address."

All kidding aside, how does one go about finding the root cause of a delivery failures without more information?  Obviously, the recipient is saying, "Well, we are receiving email from others OK.  it must be you."  And we are thinking, "Well, we can send to everyone without failures, so it must be them."

Thank you in advance.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Sudeep SharmaTechnical DesignerCommented:
can you ping the server mail.webpage.t-com.de ?

Could you do the tracert to the server fine?

Are you doing telnet to port 25?

telnet mail.webpage.t-com.de 25, right?

I am able to connect to the server, so probably they are blocking your Exchange public IP address.

As SSharma said first verify if you able to do telnet session and then you may use a command line to send the email

CappperAuthor Commented:
Thank you.
Yes I can Ping
Yes I can complete a trace route
Yes I am I am doing  >telnet mail.webpage.t-com.de 25

However, as soon as I execute the telnet mail.webpage.t-com.de 25 command I get the error I indicated above.  554 - A problem occurred. (Ask your postmaster for help or to contact tosa@rx.t-online.de to clarify.) (BL)  Connection to host lost.

Thank you.
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Sudeep SharmaTechnical DesignerCommented:
So check you public Ip address if that is blacklisted anywhere.

I would start with MXToolBox.


CappperAuthor Commented:
Thank you Sudeep,
That was the first thing I checked.  But I also get weekly alerts from MXtoolbox on our blacklist status so I was pretty sure that was not the cause.
Sudeep SharmaTechnical DesignerCommented:
You could also check the IP on
http://www.dnsgoodies.com/  (Spam Database Check)


http://dnsquery.org/ (RBL Query)

and also at Trend Micro:

https://ers.trendmicro.com/ (IP Reputation Lookup)

You never know which RBL the client is using.

Sudeep SharmaTechnical DesignerCommented:
Also check the PTR and Reverse DNS check of the Exchange IP address.

You could perform that from http://www.dnsgoodies.com/

CappperAuthor Commented:
Thank Sudeep,
These are all good sites and ones I do use.  Although, I did not know about the TrendMicro site.  Thanks.

However, this is going beyond the scope of my initial query.  I know how to use troubleshooting tools to determine mail flow issues.  What my question was:  Is there a way to tell from the Exchange Message Tracking, Queue Viewer, Logs, etc what exactly caused the failure in more detail so that so much investigation is not needed?  For example if the message got refused with a response "Message refused because of invalid PTR record."

Thank you again.
Sudeep SharmaTechnical DesignerCommented:
The kind of error message which would be sent depends on the remote server and not your email server.

Simon Butler (Sembee)ConsultantCommented:
If you were blacklisted, then a server that has been setup correctly would reject the email immediately with a failure code. Anything else is a sign of a badly configured server. Delay messages are usually because of a routing issue or something like greylisting, which delays the message and forces the server to resend later. The idea being that spammers will not try again.

As for diagnostics, you are completely dependant on the remote email server admin putting something useful in the NDR. However I tend to find that badly configured servers will mean bad NDRs.

The NDR text isn't generated from your server.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.