Solved

Exchange mail delivery issue

Posted on 2014-02-18
Last Modified: 2014-02-23
I have a strange error within Exchange...

Users cannot send to a number of different domains (that we've been able to send to for years) and the messages are just sitting in the queue on Exchange

The "last error" text shows
451 4.4.0 Primary target IP address responded with "421 please try later" attempted failover.....

I have checked our domain against blacklists and come up with nothing, though several have reported that our Forward DNS does not match Reverse DNS - is this a problem?

I have also tried to telnet into the problem domains on port 25 and the connection gets immediately dropped with error "421 please try later"

I'm supposed to be on holiday tonight, any help gratefully received !!
0
Question by:dangermouse1977
 
LVL 28

Expert Comment

by:MAS
ID: 39866995
Please mention the version of Exchange.
0
 

Author Comment

by:dangermouse1977
ID: 39867010
Sorry, running Exchange server 2010
0
 

Author Comment

by:dangermouse1977
ID: 39867019
I've run the test connectivity tool within exchange and it's passed everything except

Error performing sender ID validation

That error seems to be something called "parsing the SPF record"
SPF record evaluation resulted in sender ID failure, the SPF record could not be parsed.

Checking the SPF record with an online tool, it seems to refer to the old mx record IP address from before we transferred our e-mail to our in house exchange server
0
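The stale-record situation described in the comment above, as an added example that is not part of the original thread: a minimal offline evaluator for the `ip4`/`ip6`/`all` mechanisms of an SPF record. The records and the documentation-range IP addresses are constructed; mechanisms that need DNS lookups are skipped, which is an assumption made so the check runs offline.

```python
import ipaddress

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
DNS_MECHANISMS = {"a", "mx", "include", "exists", "ptr"}  # skipped: need live DNS

def check_spf(record: str, sender_ip: str) -> str:
    """Return the RFC 7208 result name for sender_ip against one SPF record."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "permerror"                      # not an SPF record
    ip = ipaddress.ip_address(sender_ip)
    for term in terms[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if "=" in term:
            continue                            # modifier (redirect=, exp=)
        name, _, value = term.partition(":")
        name = name.lower().split("/")[0]
        if name == "all":
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            try:
                network = ipaddress.ip_network(value, strict=False)
            except ValueError:
                return "permerror"              # record could not be parsed
            if network.version != int(name[2]):
                return "permerror"              # e.g. IPv6 range under ip4:
            if ip in network:
                return QUALIFIERS[qualifier]
        elif name not in DNS_MECHANISMS:
            return "permerror"                  # unknown mechanism
    return "neutral"                            # nothing matched, no "all"

# Constructed sample data (documentation address ranges, not the poster's values)
OLD_MX_IP = "192.0.2.10"        # former hosted mail service
NEW_MX_IP = "198.51.100.25"     # in-house Exchange server
STALE_RECORD = "v=spf1 ip4:192.0.2.10 -all"
FIXED_RECORD = "v=spf1 ip4:198.51.100.25 -all"
BROKEN_RECORD = "v=spf1 ip4:192.0.2.300 -all"

if __name__ == "__main__":
    for label, rec in [("stale", STALE_RECORD), ("fixed", FIXED_RECORD),
                       ("broken", BROKEN_RECORD)]:
        print(label, "->", check_spf(rec, NEW_MX_IP))
```
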

 
LVL 28

Expert Comment

by:MAS
ID: 39867110
Please make sure your MX records are correct using the URLs below

https://testconnectivity.microsoft.com/
http://www.mxtoolbox.com
0
 

Author Comment

by:dangermouse1977
ID: 39867172
OK, the first one reports a sender ID validation failure due to SPF record mismatch -

the second seems to have a number of issues but I'm not quite sure whether they are relevant.... the domain concerned is adc-international.com if you want to check for yourself, you can use o.error@adc-international.com for the e-mail address
0
 
LVL 28

Expert Comment

by:MAS
ID: 39867227
On the "Default receive" connector please specify your external FQDN to avoid this warning.

Warning - Reverse DNS does not match SMTP Banner

check this
http://community.mxtoolbox.com/blog/what-does-the-warning-reverse-dns-does-not-match-smtp-banner-mean-smtp-diagnostic-tool/
0
 

Author Comment

by:dangermouse1977
ID: 39868444
OK,

Please forgive me for asking stupid questions but I see a potential for this to go very wrong if I make the wrong change...

So, I have opened Exchange System Manager and navigated to

server configuration / hub transport

Under "receive connectors" at the lower half of the middle of the screen I have 3 entries...
"client <servername>", "default <servername>" and "local network"

If I right click and select properties, I see an option on the "general" tab that says "specify an FQDN this connector will provide...." etc etc

on the "client <servername>" tab this is set to "mail.adc-international.com" but on the "default <servername>" and "local network" tabs this is set to the internal network address of our mail server <servername.adc-int.com>

Should I change these 2 entries to "mail.adc-international.com" or am I barking up the wrong tree completely!
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 2000 total points
ID: 39870527
Don't waste your time changing the Receive Connector banner. It is a change to satisfy a very stupid test, it will have NOTHING to do with your email flow.

http://blog.sembee.co.uk/post/Exchange-200720102013-Outbound-SMTP-Banner-Testing.aspx

Leave the connector as per the default, it will be fine.

The error message you are getting is usually caused by greylisting. Do all of the domains that you are using show the identical error? If so, that would be unusual unless they are all on the same host.

Exchange 2010 should cope with greylisting fine, with the messages going out shortly afterwards. However I have seen problems caused by third party tools stopping this from happening.

Simon.
0
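The greylisting behaviour named in the answer above, as an added example that is not part of the original thread: a toy receiving server that defers the first attempts for an unknown (client IP, sender, recipient) triplet, and a sending queue that retries until accepted. The delay, retry schedule, reply codes and addresses are constructed assumptions, not Exchange's actual values.

```python
class GreylistingServer:
    """Receiving MTA that defers delivery for each triplet until it has aged."""

    def __init__(self, min_delay=300):
        self.min_delay = min_delay   # seconds before a retry is accepted (assumed policy)
        self.first_seen = {}         # (client_ip, sender, recipient) -> first attempt time

    def attempt(self, client_ip, sender, recipient, now):
        triplet = (client_ip, sender.lower(), recipient.lower())
        first = self.first_seen.setdefault(triplet, now)
        if now - first < self.min_delay:
            return 451, "please try later"   # transient: sender must queue and retry
        return 250, "OK"


def drain_queue(server, message, retry_times):
    """Replay a sender's retry schedule; return (state, [(time, code), ...])."""
    history = []
    for now in retry_times:
        code, _ = server.attempt(*message, now=now)
        history.append((now, code))
        if 200 <= code < 300:
            return "delivered", history
        if code >= 500:
            return "failed", history         # permanent error: stop retrying
    return "still queued", history


# Constructed sample data
MESSAGE = ("198.51.100.25", "user@sender.example", "rcpt@recipient.example")
RETRY_TIMES = [0, 60, 600]   # seconds since first attempt (constructed schedule)

if __name__ == "__main__":
    print(drain_queue(GreylistingServer(), MESSAGE, RETRY_TIMES))
```

A 4xx reply leaves the message in the sender's queue with the remote text as its last error, and the message goes out on a later retry with no configuration change on the sending side.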
 

Author Closing Comment

by:dangermouse1977
ID: 39881605
I think this must have been the issue as I changed nothing and within 24hrs mail flow was back to normal.
0
