NDR Report - Bounced Email

Hi everyone,

I am getting a bounced email from a very important client and I need to resolve this.

Here is the NDR from the body of the email....


Diagnostic information for administrators:

Generating server: DNSWSRVR.dnsw.local

#550 4.4.7 QUEUE.Expired; message expired ##

Original message headers:

Received: from DNSWSRVR.dnsw.local ([fe80::196b:a37:66ff:e025]) by
 DNSWSRVR.dnsw.local ([fe80::196b:a37:66ff:e025%11]) with mapi id
 14.01.0438.000; Wed, 23 Oct 2013 09:11:50 -0500
Content-Type: multipart/mixed;
From: Dave Preis <DPreis@doctorssupplementstore.com>
To: Christine Wolf <christinew@drsalter.com>
Subject: testing email
Thread-Topic: testing email
Thread-Index: Ac7P+Zd1ZUyK+amfSq2lEvDtblJMSA==
Date: Wed, 23 Oct 2013 14:11:49 +0000
Message-ID: <1046A2449B4234488ADFB19E004777FB3F15DC@DNSWSRVR.dnsw.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator: <1046A2449B4234488ADFB19E004777FB3F15DC@DNSWSRVR.dnsw.local>
x-originating-ip: []
MIME-Version: 1.0
Who is Participating?
Simon Butler (Sembee)Connect With a Mentor ConsultantCommented:
Have you looked in the queue viewer to see whether anything is listed?

Are you able to telnet to port 25 of the MX record host for the remote domain?

Working on another host such as GoDaddy isn't really proof of anything. The IP address is different for a start, so has a different reputation.

For accurate sending of email, you only need four things:

1. A static IP address.
2. A valid A record that points to that IP Address.
3. A PTR (aka reverse DNS) record on that IP address with a host name that matches that from point 2.
4. The FQDN on the Send Connector with the same value as point 2 and 3.

Everything else is extras - including the MX record using the same A record as point 2 and valid SPF records.

If you have all four options set, then the problem could be outside of your control.

miller3773Network AdministratorCommented:
Your message timed out because of problems with the receiving server who
had a problem with your message. Typically there is a problem with the message header (such as too many recipients, in most cases, or a protocol timeout between the two
GenesisTechAuthor Commented:
OK - so how do I fix it?

When I send to this person from my GMail account it works fine.

When I sent to this person from Hosted Exchange at GoDaddy, it worked fine.

Now I have moved to SBS and it will not go through to her.

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

Looks like your server (DNSWSRVR.dnsw.local) generated NDR gue to message retention period is expired..

i suspect that the receipent domain in not rechable from your mail system (Firewall issue) also please get this checked with "drsalter.com" as well.
Seth SimmonsSr. Systems AdministratorCommented:
i would send another email and look at the exchange queue
there should be more information there as to why it can't deliver
usually it's a communication timeout if it later expires like this

i'm also wondering if this is related at all to your previous issue this week
also please check if on port 25 you are able to reach drsalter.com
Simon Butler (Sembee)ConsultantCommented:
This usually happens because of a blacklisting or similar, but the remote site doesn't give back a full NDR. There are many admins who think doing so will help spammers, which it does not.

Therefore you need to look in the queues to see if there is any additional text for the queued messages, before they get to the fatal NDR you have there. That NDR is of no use because it is just a time out.

in blacklist you will get message like " remote server rejected your message" or message ahas been rejected due to poor MTA reputation" not QUEUE.Expired; message expired
this look more like your email header... your NDR should have error description
Simon Butler (Sembee)ConsultantCommented:
That isn't true. It depends on the remote site.
If the remote site is set to reject with the NDR saying blacklist then you will see that.
However I have been dealing with a client who was getting repeating blacklisting, and their email was sitting in the queues with a temporary error about the Blacklist. Emails that got to the end of the 48 hour retry returned with the same error shown above. However if I was able to remove the blacklist in the retry window then the emails were delivered correctly within the hour - no re-send required.

Just because it doesn't say about blacklisting in the NDR doesn't mean it is involved, but that is why looking at the queues is most important. That will tell you why the message is delayed.

Could be a routing problem as well - again the queue will tell you, but the NDR will not.

GenesisTechAuthor Commented:
This is all good feedback, but since I am not an Exchange admin, I am not completely sure if what I should do with all of this information.

BTW - This NDR came from a test that was done after we had made changes to DNS based upon another question here in Experts-Exchange.

How can I get further information from the Exchange Server? What should I get and post for you all to see?
OK.. if blacklist the case.. its easy to find by changing sender "doctorssupplementstore.com" IP Address (Public) for the source domain. Then try the test mail..
Also check if any connector set on HUB Server for the domain or any destination MTA Server defined on SMTP gateway which is not accepting packed from your domain.
GenesisTechAuthor Commented:

That all sounds great  - I have no idea how to do any of it.

And, are you really telling me the only way to do this is change our IP address? We lots of mail flowing for all clients and employees - why would I want to cause issues with the other 99.9% of email that is NOT having any problems?
Simon Butler (Sembee)ConsultantCommented:
There are tools on the internet that will check if you are blacklisted. mxtoolbox.com is the main one.

The queue viewer is in Exchange Management Console.

I don't think changing your IP address is going to resolve anything, until you actually work out whether the issue is with you (being blacklisted or a routing issue) or them.

Nope Not atoll.. in case of blacklist you can check by that changes if any IP DNS entry already you have on public DNS .. but don't appear blacklist issue for me..  :)

if remote.doctorssupplementstore.com the sender IP. i don't see any blacklist or poor reputaion on RBL, SBL, senderbase and so..on..

still i suspect their the communication issue.. Please ask your exchange administrator  or who ever manage Email System for domain to check if any specific configuration for the destination..

Please ensure drsalter.com able to reach doctorssupplementstore.com on port 25.
GenesisTechAuthor Commented:
No way to check with DrSalter.com. Not going to happen. It is a Doctors Office with no IT department.

The fact the (a) it works for gmail, and (b) it used to work for use when we were Hosted Exchange from GoDaddy, and (c) that it stopped working when we moved in house to SBS, means to me that something on my end is not setup correctly.

BTW - we are not showing up on any blacklists.

Any guidance would be helpful.
GenesisTechAuthor Commented:

Thank you for the help that ultimately resolved the problem.

I looked up instructions on how to telnet into their domain to test it and it turns out they are hosted by GoDaddy Exchange and that GoDaddy had blocked my IP even though it was not sending me a NDR.

Once I saw that I was blocked, I was able to submit to be removed and today we successfully sent email to the domain in question.

Problem Resolved.

Thanks again!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.