Link to home
Start Free TrialLog in
Avatar of Cashpanda
CashpandaFlag for United States of America

asked on

Single Domain not able to send incoming mail to my Exchange

Exchange 2010
Server 2008R2
Sonicwall Security appliance

Hello,

I have one domain that is unable to send email into my company.

We can communicate with them properly in our sends, but when they send inbound to my network, they get a generic bounce back coming from my Sonicwall device with no codes or details.
The sonicwall makes no record of any incoming transmission from them in the audit log.

I have added their Domain IP into my trusted networks list, as well as to the allowed list in my Sonicwall device.
I have done testing through Exchange diagnostics toolbox and all were successful-- even the test mimicking a send their email server.

I can assume the problem is on our end, as the bounceback comes from the sonicwall on our end.

I am looking for any direction as to where to look next.
All responses are appreciated.
Avatar of Cliff Galiher
Cliff Galiher
Flag of United States of America image

I would not necessarily assume the problem is at your end. If you have enabled email security services on your SonicWall and their server is not in compliance (most often on a blacklist) then the SonicWall will reject the communication in real-time. But it is their issue because they are blacklisted.

You can configure the SonicWall to report on any rejected email attempts like this, that'd be a first step. Seeing the bounceback (they are rarely as generic as they may seem at first glance) would also be helpful. Finally, as a last-ditch test, you could disable any email security on the sonicwall and just port forward all port 25 to your Exchange server. You'll definitely get an uptick in spam, but will at least verify that it is the email security settings that are rejecting the email.

-Cliff
Avatar of Cashpanda

ASKER

I have looked them up, and neither they or I are on any major blacklist.

MXtoolbox SMTP diagnostics they sent us state there is an "SMTP Reverse DNS Mismatch", and  "unsupported SMTP TLS".
This was the extent of the diagnostics (on their end) that they have made available to me.

When I run the same MXtoolbox SMTP diagnostics against them, the same exact results show for their end.

SMTP Port 25 is wide open on their end, as well as my end.

I'm getting together with them to see if they can give me the exact wording of the bounce they receive.
Most likely the issue is the reverse dns mismatch. Many mail senders will not deliver mail unless both the forward and reverse match.

You can verify this using Reverse Lookup on MXtoolbox.
I have corrected the reverse DNS issue from the record on my hosting ISP.
They all point to and from my domain now.
The single domain blocked incoming mail issue still persists.

they have also noted that they cannot telnet port 25 to mine
 [telnet mail.(minorengineeringfirm).com 25]
I am able to telnet my own from the inside, but
but I can not theirs:
 [telnet mail.(somewhatmajorengineeringfirm).com 25]
Can you post the bounce back message from the Sonicwall.
this is the general bounce he sent me from his end:


"Delivery Failure Report

 Your message: (Re: test email) was not delivered
 to:<myself@mydomain.com> because:

Router: Failed to connect to SMTP host MYDOMAIN.COM
             because : The server is not responding. The server may be
            down or you may be experiencing network problems. Contact
            your system administrator if this problem persists."

*my server is not down. Outside SMTP check shows up fine.
*He is the systems administrator on his end
*mydomain.com is not my real DN

When he looked me up on mxtoolbox, he mentioned it was giving him a 220 sonicwall.MYDOMAIN.com error.  Sonicwall tech support said a 220 will not prevent incoming email.
Well if they are the only apparent site that cannot connect to your Sonicwall then it is logical to assume that it is blocking them.

Can you insure that the ip address they are trying to telnet to is the correct one. Have them try the ip and not the url mail....  Make sure they tell you when they are doing it so you can watch the Sonicwall log at that time (just in case it is being missed).

Do you use any other mail service (like Trend) for spam checking or anything in front of the Sonicwall? Does your mx record resolve directly to the WAN ip of the Sonicwall?
They are using the correct telnet address.
They can Ping my MX, and they can complete a tracert.
I cannot ping their MX and my tracert fails about half way through the send.

They are using Lotus Domino to send mail.

It seems as though the mail they send does not make it to my network at all.
There are no records in the audit logs showing any transmissions.

The sonicwall is our spam appliance, we do not use any other services for security.
Are you using the optional Sonicwall CAS product?
No, we do not use any optional sonicwall items.
Any chance you can get a complete bounced email with all headers?
ASKER CERTIFIED SOLUTION
Avatar of Cashpanda
Cashpanda
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Self-resolution