Solved

NDR Report - Bounced Email

Posted on 2013-10-25
18
460 Views
Last Modified: 2013-10-29
Hi everyone,

I am getting a bounced email from a very important client and I need to resolve this.

Here is the NDR from the body of the email....

************************************************

Diagnostic information for administrators:

Generating server: DNSWSRVR.dnsw.local

christinew@drsalter.com
#550 4.4.7 QUEUE.Expired; message expired ##

Original message headers:

Received: from DNSWSRVR.dnsw.local ([fe80::196b:a37:66ff:e025]) by
 DNSWSRVR.dnsw.local ([fe80::196b:a37:66ff:e025%11]) with mapi id
 14.01.0438.000; Wed, 23 Oct 2013 09:11:50 -0500
Content-Type: multipart/mixed;
      boundary="_000_1046A2449B4234488ADFB19E004777FB3F15DCDNSWSRVRdnswlocal_"
From: Dave Preis <DPreis@doctorssupplementstore.com>
To: Christine Wolf <christinew@drsalter.com>
Subject: testing email
Thread-Topic: testing email
Thread-Index: Ac7P+Zd1ZUyK+amfSq2lEvDtblJMSA==
Date: Wed, 23 Oct 2013 14:11:49 +0000
Message-ID: <1046A2449B4234488ADFB19E004777FB3F15DC@DNSWSRVR.dnsw.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator: <1046A2449B4234488ADFB19E004777FB3F15DC@DNSWSRVR.dnsw.local>
x-originating-ip: [192.168.1.25]
MIME-Version: 1.0
0
Comment
Question by:GenesisTech
  • 6
  • 5
  • 4
  • +3
18 Comments
 
LVL 1

Expert Comment

by:miller3773
Comment Utility
Your message timed out because of problems with the receiving server who
had a problem with your message. Typically there is a problem with the message header (such as too many recipients, in most cases, or a protocol timeout between the two
servers)
0
 

Author Comment

by:GenesisTech
Comment Utility
OK - so how do I fix it?

When I send to this person from my GMail account it works fine.

When I sent to this person from Hosted Exchange at GoDaddy, it worked fine.

Now I have moved to SBS and it will not go through to her.

???????
0
 
LVL 1

Expert Comment

by:SsbMs
Comment Utility
Looks like your server (DNSWSRVR.dnsw.local) generated NDR gue to message retention period is expired..

i suspect that the receipent domain in not rechable from your mail system (Firewall issue) also please get this checked with "drsalter.com" as well.
0
 
LVL 34

Expert Comment

by:Seth Simmons
Comment Utility
i would send another email and look at the exchange queue
there should be more information there as to why it can't deliver
usually it's a communication timeout if it later expires like this

i'm also wondering if this is related at all to your previous issue this week
0
 
LVL 1

Expert Comment

by:SsbMs
Comment Utility
also please check if on port 25 you are able to reach drsalter.com
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
This usually happens because of a blacklisting or similar, but the remote site doesn't give back a full NDR. There are many admins who think doing so will help spammers, which it does not.

Therefore you need to look in the queues to see if there is any additional text for the queued messages, before they get to the fatal NDR you have there. That NDR is of no use because it is just a time out.

Simon.
0
 
LVL 1

Expert Comment

by:SsbMs
Comment Utility
in blacklist you will get message like " remote server rejected your message" or message ahas been rejected due to poor MTA reputation" not QUEUE.Expired; message expired
0
 
LVL 7

Expert Comment

by:tankergoblin
Comment Utility
this look more like your email header... your NDR should have error description
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
That isn't true. It depends on the remote site.
If the remote site is set to reject with the NDR saying blacklist then you will see that.
However I have been dealing with a client who was getting repeating blacklisting, and their email was sitting in the queues with a temporary error about the Blacklist. Emails that got to the end of the 48 hour retry returned with the same error shown above. However if I was able to remove the blacklist in the retry window then the emails were delivered correctly within the hour - no re-send required.

Just because it doesn't say about blacklisting in the NDR doesn't mean it is involved, but that is why looking at the queues is most important. That will tell you why the message is delayed.

Could be a routing problem as well - again the queue will tell you, but the NDR will not.

Simon.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:GenesisTech
Comment Utility
This is all good feedback, but since I am not an Exchange admin, I am not completely sure if what I should do with all of this information.

BTW - This NDR came from a test that was done after we had made changes to DNS based upon another question here in Experts-Exchange.

How can I get further information from the Exchange Server? What should I get and post for you all to see?
0
 
LVL 1

Expert Comment

by:SsbMs
Comment Utility
OK.. if blacklist the case.. its easy to find by changing sender "doctorssupplementstore.com" IP Address (Public) for the source domain. Then try the test mail..
0
 
LVL 1

Expert Comment

by:SsbMs
Comment Utility
Also check if any connector set on HUB Server for the domain or any destination MTA Server defined on SMTP gateway which is not accepting packed from your domain.
0
 

Author Comment

by:GenesisTech
Comment Utility
SsbMs,

That all sounds great  - I have no idea how to do any of it.

And, are you really telling me the only way to do this is change our IP address? We lots of mail flowing for all clients and employees - why would I want to cause issues with the other 99.9% of email that is NOT having any problems?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
There are tools on the internet that will check if you are blacklisted. mxtoolbox.com is the main one.

The queue viewer is in Exchange Management Console.

I don't think changing your IP address is going to resolve anything, until you actually work out whether the issue is with you (being blacklisted or a routing issue) or them.

Simon.
0
 
LVL 1

Expert Comment

by:SsbMs
Comment Utility
Nope Not atoll.. in case of blacklist you can check by that changes if any IP DNS entry already you have on public DNS .. but don't appear blacklist issue for me..  :)

if remote.doctorssupplementstore.com 24.182.228.74 the sender IP. i don't see any blacklist or poor reputaion on RBL, SBL, senderbase and so..on..

still i suspect their the communication issue.. Please ask your exchange administrator  or who ever manage Email System for domain to check if any specific configuration for the destination..

Please ensure drsalter.com able to reach doctorssupplementstore.com on port 25.
0
 

Author Comment

by:GenesisTech
Comment Utility
No way to check with DrSalter.com. Not going to happen. It is a Doctors Office with no IT department.

The fact the (a) it works for gmail, and (b) it used to work for use when we were Hosted Exchange from GoDaddy, and (c) that it stopped working when we moved in house to SBS, means to me that something on my end is not setup correctly.

BTW - we are not showing up on any blacklists.

Any guidance would be helpful.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
Comment Utility
Have you looked in the queue viewer to see whether anything is listed?

Are you able to telnet to port 25 of the MX record host for the remote domain?

Working on another host such as GoDaddy isn't really proof of anything. The IP address is different for a start, so has a different reputation.

For accurate sending of email, you only need four things:

1. A static IP address.
2. A valid A record that points to that IP Address.
3. A PTR (aka reverse DNS) record on that IP address with a host name that matches that from point 2.
4. The FQDN on the Send Connector with the same value as point 2 and 3.

Everything else is extras - including the MX record using the same A record as point 2 and valid SPF records.

If you have all four options set, then the problem could be outside of your control.

Simon.
0
 

Author Closing Comment

by:GenesisTech
Comment Utility
Sembee2:

Thank you for the help that ultimately resolved the problem.

I looked up instructions on how to telnet into their domain to test it and it turns out they are hosted by GoDaddy Exchange and that GoDaddy had blocked my IP even though it was not sending me a NDR.

Once I saw that I was blocked, I was able to submit to be removed and today we successfully sent email to the domain in question.

Problem Resolved.

Thanks again!
0

Featured Post

The curse of the end user strikes again      

You’ve updated all your end user’s email signatures. Hooray! But guess what? They’re playing around with the HTML, adding stupid taglines and ruining the imagery. Find out how you can save your signatures from end users today.

Join & Write a Comment

Suggested Solutions

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now