[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Exchange 2010 refused connection from sender

Posted on 2013-12-25
6
Medium Priority
?
736 Views
Last Modified: 2014-01-02
Dear Expert,

I have a customer that cant send email to us recently, the log they provided state below,

2013-12-24 17:29:22,OUTBOUND,jmchen@efgh.com.tw<mailto:jmchen@efgh.com.tw>(172.21.36.135),joyce@abc,com<mailto:joyce@abc,com>(101.99.x.x-mail.abc,com<http://101.99.x.x-mail.abc,com>),967613063,22545,QUEUED,601,Deferred: Connection refused by mail.abc,com<http://mail.abc,com>
2013-12-24 17:29:22,OUTBOUND,miahsieh@efgh.com.tw<mailto:miahsieh@efgh.com.tw>(172.21.36.135),joyce@abc,com<mailto:joyce@abc,com>(101.99.x.x-mail.abc,com<http://101.99.x.x-mail.abc,com>),513374723,53521,QUEUED,601,Deferred: Connection refused by mail.abc,com<http://mail.abc,com>
2013-12-24 17:29:22,OUTBOUND,jmchen@efgh.com.tw<mailto:jmchen@efgh.com.tw>(172.21.36.135),joyce@abc,com<mailto:joyce@abc,com>(101.99.x.x-mail.abc,com<http://101.99.x.x-mail.abc,com>),914463265,13973,QUEUED,601,Deferred: Connection refused by mail.abc,com<http://mail.abc,com>
2013-12-24 17:29:22,OUTBOUND,miahsieh@efgh.com.tw<mailto:miahsieh@efgh.com.tw>(172.21.36.135),joyce@abc,com<mailto:joyce@abc,com>(101.99.x.x-mail.abc,com<http://101.99.x.x-mail.abc,com>),1285071653,25209,QUEUED,601,Deferred: Connection refused by mail.abc,com<http://mail.abc.com>


I did check their domain name, the spf and reversed dns is not found.

could it be the cause?

remarks: only this customer is having problem to send email to us

Thanks
Alfred
0
Comment
Question by:patcheah
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 7

Expert Comment

by:dsnegi_25dec
ID: 39739741
Yes ...........
0
 
LVL 8

Assisted Solution

by:vSolutionsIT
vSolutionsIT earned 100 total points
ID: 39739767
Ask them to check if their email server's ip address is blacklisted or not. If yes then they will have to get it removed from the blacklists.
Do you have your email server's configured to check reverse DNS ? if yes then it could be the issue.
0
 
LVL 38

Expert Comment

by:Mahesh
ID: 39739876
Yes, VSolutionIT is right..

Your Email server must be configured to check \ verify Sender's SPF record and if they don't have or got blacklisted, emails sent by them will be rejected by your server

Mahesh
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 4

Expert Comment

by:Pradeep VIshwakarma
ID: 39739925
You must request a REVERSE DNS ENTRY from your ISP who issued the block of IP ADDRESSES.

The NAME and IP ADDRESS to which is mapped MUST EXACTLY MATCH THE HOSTNAME OF THE MAIL SERVER SENDING THE E-MAIL.

If you use one IP ADDRESS to send for multiple domains, make certain the mapping matches the domain name of your HOSTING COMPANY and the setup a PTR RECORD for each hosted domain in the DNS for the hosted domain.

You should also set up REVERSE DNS on your local DNS SERVERS and create a PTR record for each of the hosted domain's HOST records which maps to the MX record for the e-mail.
0
 
LVL 25

Accepted Solution

by:
Marcus Bointon earned 100 total points
ID: 39740188
Notice that those errors in the logs are deferrals due to connection being refused, not bounces. "Connection refused" is not an SMTP-level issue - it's lower-level than that; I would check that they (or possibly their upstream ISP) are not blocking outbound SMTP. Blacklisting and reverse IP blocking typically happens within the SMTP layer, and should result in 5.1.7 status bounces, or at least 4.1.7 deferrals, neither of which are happening here.

A missing SPF is not a valid reason for rejection; the only basis for SPF rejection is a definitive 'FAIL' status, and many receivers (stupidly, since it defeats the entire point of it) do not even do that, and again, it's an SMTP-layer check and should result in a bounce. Insisting on matching reverse DNS is a reasonable anti-spam technique, but will often reject a mail from legitimate sources, such as gmail which often has mismatching reverse IPs (because they have such a high turnover of servers).
0
 

Author Closing Comment

by:patcheah
ID: 39750958
Thanks experts.

Request sender to add spf record. So far so good now. Happy New Year!
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question