• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 905
  • Last Modified:

SMTP Telnet Troubleshooting

Very easy question, should you always be able to "telnet mailservername 25" to a companys email server?

I have a company I'm trying to email and get a bounce back saying;  

"A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk."

and

"mailserver.domain.com #550 Invalid recipient <joeshmoe@domain.com> (#5.1.1) ##"

Their Internet facing Exchange 2010 SMTP server should be configured on port 25 and allow anonymous connections correct?

1. I used nslookup to find their mx record (mail.domain.com)
2. Tried the telnet command from my exchange server to theirs:

C:\>telnet mail.domain.com 25
Connecting To mail.domain.com...Could not open connection to the host, on port 25: Connect failed


Does this tell me that they need to check their side or am I missing something?

Both sides are Exchange 2010.

Thanks in advance.
0
GCTTechs
Asked:
GCTTechs
1 Solution
 
lindentoCommented:
Hi,

Their publicly listed mailserver has to be reachable on port 25.

But the error message you quoted is a message created by their system telling you that this email address joeshmoe@domain.com is not valid.

Just a question you sure it has to be joeshmoe@domain.com not joshmoe@domain.com?

Best regards
0
 
Seth SimmonsSr. Systems AdministratorCommented:
the mx record doesn't always point directly to the mail server
they may have an appliance or 3rd party doing content filtering - though, of course it doesn't explain why no response on port 25 on their mx listing
0
 
GCTTechsAuthor Commented:
Thanks lindento,

I found that I can Telnet to their public MX servers IP address from another computer, not on the company network...
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
GCTTechsAuthor Commented:
Yeah Seth, I hear that. I think our firewalls are not allowing me to telnet out to servers for testing.

I am able to telnet using the RCPT TO:JoeSchmoe@domain.com notify=success,failure and I get the delivery receipt.

I then tested sending an email from Outlook and the recipient received my email, but then I had two other users send tests from Outlook and they bounced back with  

"mailserver.domain.com #550 Invalid recipient <JoeShmoe@domain.com> (#5.1.1) ##"

Just wondering, since JoeShmoe recently changed his email address from JoeS@domain.com to JoeSchmoe@domain.com if we have something cached or such... Even though Ive asked the users to delete the autosaved drop down address and send to the manually entered JoeShmoe@domain.com...
0
 
GCTTechsAuthor Commented:
UNLESS this has something to do with DNS since I also cant telnet to the DNS names of the public MX servers, only to the IPs. (From that same computer off the network where the IPs worked).  (Scratches head again).
0
 
lindentoCommented:
Hi,

don't get confused here. The email is send via your exchange server so not the individual workstation will have dns resolve the mail server name only your exchange server has to.

So if the email is send from one account it works and from another account it does not work, the email delivery itself still works or you would not get a bounce back message saying email not valid.

How late is this change of email addresses of the recipient? Just now or days/weeks earlier?
Might be just that their receiving infrastructure has not yet updated all edge servers.

To get more details you might need to have a look at tracking logs vie EMC - toolbox tracking log explorer, there you will see what exchange tried to do and which ip address it tried to reach.

Best Regards
0
 
MysidiaCommented:
"mailserver.domain.com #550 Invalid recipient <joeshmoe@domain.com> (#5.1.1) ##"

This error, suggests that in fact your mail server actually is able to connect, and it's getting back an error message indicating that  the  TO address is invalid  (e.g.  "Recipient does not exist" ).

"Their Internet facing Exchange 2010 SMTP server should be configured on port 25 and allow anonymous connections correct? "


The answer is a qualified YES,    they must have some server configured on port 25 to allow anonymous connections from the internet,  in order for mail to work properly.

This does not necessarily have to be the Exchange server,  but it does have to be the IP address of a hostname  that can be found   by looking up the   MX record for the domain name.

If the domain name has no MX record,  then  the record looked up is just  plain  "exampledomainname.com"




The hostname of at least one server listed in the MX record has to allow connections on port 25, for delivery of mail from the internet to work.

There can be multiple MX records listed, and the Exchange server or  mail.exampledomain.com   does not necessarily have to be the MX server.


Here  is how you can lookup the   responsible mail address that a MX record points to,  using nslookup:

C:\>nslookup
Default Server: dns01.home.lan
Address:  172.17.0.10

> set type=MX
> example.com
Server: dns01.home.lan
Address:  172.17.0.10

example.com
    primary name server = sns.dns.icann.org
    responsible mail addr = noc.dns.icann.org
^^^^^
    serial = 2013102131
    refresh = 7200 (2 hours)
    retry = 3600 (1 hour)
    expire = 1209600 (14 days)
    default TTL = 3600 (1 hour)



In this example, you should be allowed to telnet to  noc.dns.icann.org  on port 25, from your mail server.

If not,  then there's no way an internet mail server such as yours can deliver mail to that domain.
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now