Solved

Exchange mail delivery issue

Posted on 2014-02-18
Last Modified: 2014-02-23
I have a strange error within Exchange...

Users cannot send to a number of different domains (that we've been able to send to for years) and the messages are just sitting in the queue on Exchange

The "last error" text shows
451 4.4.0 Primary target IP address responded with "421 please try later" attempted failover.....

I have checked our domain against blacklists and come up with nothing, though several have reported that our Forward DNS does not match Reverse DNS - is this a problem?

I have also tried to telnet into the problem domains on port 25 and the connection gets immediately dropped with error "421 please try later"

I'm supposed to be on holiday tonight, any help gratefully received !!
0
Comment
Question by:dangermouse1977
9 Comments
 
LVL 27

Expert Comment

by:MAS
ID: 39866995
Please mention the version of exchange
0
 

Author Comment

by:dangermouse1977
ID: 39867010
Sorry, running Exchange server 2010
0
 

Author Comment

by:dangermouse1977
ID: 39867019
I've run the test connectivity tool within Exchange and it's passed everything except

Error performing sender ID validation

That error seems to be something called "parsing the SPF record"
SPF record evaluation resulted in sender ID failure, the SPF record could not be parsed.

Checking the SPF record with an online tool, it seems to refer to the old MX record IP address from before we transferred our e-mail to our in-house Exchange server.
0
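An SPF record that still lists only a previous mail host's address, as described in the comment above, can be checked offline against the server's current outbound IP. This is an added example, not part of the original thread; the records and addresses are constructed from documentation ranges, and `check_spf_ip` is a hypothetical helper that evaluates only the `ip4`, `ip6` and `all` mechanisms.

```python
import ipaddress

# Qualifier prefix -> SPF result (RFC 7208); no prefix means "+".
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Constructed sample data (documentation address ranges), not the
# record of any domain named in the thread.
STALE_RECORD = "v=spf1 ip4:192.0.2.10 -all"       # old hosted-mail IP only
FIXED_RECORD = "v=spf1 ip4:198.51.100.25 -all"    # in-house server listed
EXCHANGE_IP = "198.51.100.25"                     # assumed outbound address


def check_spf_ip(record, sending_ip):
    """Evaluate the ip4/ip6/all mechanisms of an SPF record, left to right.

    Returns (result, matched_term, skipped). skipped lists terms reached
    before the match that need DNS (a, mx, include, redirect=...) and
    were therefore not evaluated by this offline check.
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "permerror", None, []          # not an SPF record
    ip = ipaddress.ip_address(sending_ip)
    skipped = []
    for term in terms[1:]:
        if "=" in term:                       # modifier, e.g. redirect=
            skipped.append(term)
            continue
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        name, _, value = term.lstrip("+-~?").partition(":")
        name = name.lower()
        if name in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(value, strict=False)
            except ValueError:
                return "permerror", term, skipped   # unparseable address
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier], term, skipped
        elif name == "all":
            return QUALIFIERS[qualifier], term, skipped
        else:
            skipped.append(term)
    return "neutral", None, skipped           # no mechanism matched


if __name__ == "__main__":
    for rec in (STALE_RECORD, FIXED_RECORD):
        print(rec, "->", check_spf_ip(rec, EXCHANGE_IP))
```

Any term returned in `skipped` still needs a DNS lookup before the result can be trusted.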
LVL 27

Expert Comment

by:MAS
ID: 39867110
Please make sure your MX records are correct using the URLs below

https://testconnectivity.microsoft.com/
http://www.mxtoolbox.com
0
 

Author Comment

by:dangermouse1977
ID: 39867172
OK, the first one reports a sender ID validation failure due to SPF record mismatch.

The second seems to have a number of issues but I'm not quite sure whether they are relevant. The domain concerned is adc-international.com if you want to check for yourself; you can use o.error@adc-international.com for the e-mail address.
0
 
LVL 27

Expert Comment

by:MAS
ID: 39867227
On the "Default receive" connector please specify your external FQDN to avoid this warning.

Warning - Reverse DNS does not match SMTP Banner

check this
http://community.mxtoolbox.com/blog/what-does-the-warning-reverse-dns-does-not-match-smtp-banner-mean-smtp-diagnostic-tool/
0
 

Author Comment

by:dangermouse1977
ID: 39868444
OK,

Please forgive me for asking stupid questions but I see a potential for this to go very wrong if I make the wrong change...

So, I have opened Exchange System Manager and navigated to

server configuration / hub transport

Under "receive connectors" at the lower half of the middle of the screen I have 3 entries: "client <servername>", "default <servername>" and "local network".

If I right click and select properties, I see an option on the "general" tab that says "specify an FQDN this connector will provide...", etc.

On the "client <servername>" tab this is set to "mail.adc-international.com", but on the "default <servername>" and "local network" tabs this is set to the internal network address of our mail server <servername.adc-int.com>.

Should I change these 2 entries to "mail.adc-international.com", or am I barking up the wrong tree completely?
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 2000 total points
ID: 39870527
Don't waste your time changing the Receive Connector banner. It is a change to satisfy a very stupid test, it will have NOTHING to do with your email flow.

http://blog.sembee.co.uk/post/Exchange-200720102013-Outbound-SMTP-Banner-Testing.aspx

Leave the connector as per the default, it will be fine.

The error message you are getting is usually caused by greylisting. Do all of the domains that you are using show the identical error? If so, that would be unusual unless they are all on the same host.

Exchange 2010 should cope with greylisting fine, with the messages going out shortly afterwards. However I have seen problems caused by third party tools stopping this from happening.

Simon.
0
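The greylisting behaviour described in the answer above, as an added simulation that is not part of the original thread: a receiver defers the first attempt for a new (client IP, sender, recipient) triplet with a temporary 4xx reply, and a sending queue that keeps retrying gets through once the delay has passed. The triplet scheme, the delay and retry intervals (in seconds) and all names are assumptions; only the "421 please try later" reply comes from the thread.

```python
# Constructed sample triplet: (client IP, envelope sender, recipient).
TRIPLET = ("198.51.100.25", "user@sender.example", "user@recipient.example")


class Greylist:
    """Receiving side: defer triplets that have not waited min_delay yet."""

    def __init__(self, min_delay=300):
        self.min_delay = min_delay      # seconds a new triplet must wait
        self.first_seen = {}            # triplet -> time of first attempt

    def rcpt(self, now, client_ip, sender, recipient):
        key = (client_ip, sender.lower(), recipient.lower())
        seen = self.first_seen.setdefault(key, now)
        if now - seen < self.min_delay:
            return 421, "please try later"   # temporary: sender should retry
        return 250, "OK"


def deliver(server, retry_interval, expire_after, triplet, start=0):
    """Sending side: retry on 4xx until accepted, rejected or expired.

    Returns the list of (time, reply_code) attempts.
    """
    attempts = []
    now = start
    while now - start <= expire_after:
        code, _ = server.rcpt(now, *triplet)
        attempts.append((now, code))
        if not 400 <= code < 500:       # 2xx accepted or 5xx rejected
            break
        now += retry_interval
    return attempts


def outcome(attempts):
    """Classify a delivery from its final reply code."""
    code = attempts[-1][1]
    if 200 <= code < 300:
        return "delivered"
    return "rejected" if code >= 500 else "expired"


if __name__ == "__main__":
    log = deliver(Greylist(300), retry_interval=60, expire_after=172800,
                  triplet=TRIPLET)
    print(log, outcome(log))
```

A message that sits in the queue with a 4xx "last error" and then leaves on a later retry matches the first case; a queue that stops retrying before the receiver's delay has elapsed matches the "expired" case.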
 

Author Closing Comment

by:dangermouse1977
ID: 39881605
I think this must have been the issue as I changed nothing and within 24hrs mail flow was back to normal.
0
