Solved

Email issue

Posted on 2014-02-19
12
283 Views
Last Modified: 2014-02-24
We have a customer who's unable to deliver email to us, no one else that I'm aware of is having this issue. They're mail provider is hostgator.com and I've worked with their support staff to try and resolve and we aren't making any headway. We have an inbound spam filter and the logs do not indicate a connection attempt from abc.com, nor do the firewall logs show a connection attempt - watched them real-time. I have verified on both the firewall and spam filter their domain and IP address is not being blocked.

A traceroute and DNS lookup from their mail server work properly. I have verified our domain is clean, not on any blacklists. Below are the logs from their attempt to send email to us from trouble domain.  

2014-02-18 14:51:46 1WFrdq-00072o-So <= test@abc.com H=localhost.localdomain (192.232.201.71) [127.0.0.1]:60990 I=[127.0.0.1]:25 P=esmtpa A=dovecot_login:test@abc.com S=638 id=a0322880150e6dc38e6891ae2d832634@abc.com T="gatoraustin2" from <hgtest@abc.com> for rlivermore@twns.com
2014-02-18 14:51:46 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1WFrdq-00072o-So
2014-02-18 14:51:46 1WFrdq-00072o-So SMTP connection outbound 1392756706 1WFrdq-00072o-So abc.com rlivermore@twns.com
2014-02-18 14:52:50 1WFrdq-00072o-So mail2.twns.com [70.167.201.19] Connection timed out
2014-02-18 14:52:50 1WFrdq-00072o-So == rlivermore@twns.com R=lookuphost T=remote_smtp defer (110): Connection timed out
0
Comment
Question by:BERITM
  • 5
  • 2
  • 2
  • +3
12 Comments
 
LVL 5

Expert Comment

by:Dave Gould
ID: 39870688
The problem sounds 99% certain to be on your customers mail system.
What mail system are they using?
Are they sure that they are using the DNS and dont have any false configs somewhere?
When they said that they tested DNS, did they run an nslookup from their mail server?
Did they specify that the should look at the MX record or did you give them the server name?
Can they try a manual telnet to port 25 to your inbound mail server from their mail server? If so can they emulate the smtp protocol and send a mail manually?
ie ...
telnet yourmailserver.com 25
helo yourmaildomain
mail from: <any.user@theirdomain.com>
rcpt to: <any.user@yourdomain.com>
data
blah blah blah
.
quit
0
 
LVL 7

Expert Comment

by:Arpit Bajpai
ID: 39870690
Hi looking at the logs I can see you are trying to send email via port 25..which now days is blocked by default.

Try the following steps.
Delete the MX records and put them back... (only 5% chances that this will work
Change the port on local server to 587 using security TLS.


I hope this will help. further more let me know the domain name in private so that i can run some tests.

Thanks
Arpit.
0
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 39870730
Hello,

This isn't a DNS issue as the logs show the IP is resolving correctly. It is the same IP I get when I do a lookup. Have they tried to telnet to port 25 of your server from their server?

-JJ
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 39870745
Please note I cannot connect to mail2.twns.com [70.167.201.19] either (both port 25 and 587) (it's also the current MX record on my side. so it's not a DNS problem either on the customer's side)
I'm not so sure it's a problem on the customer's side!
0
 

Author Comment

by:BERITM
ID: 39870757
trappa01, it does appear to be a problem on their end but unless I can somehow prove it then it becomes a silly finger pointing contest. They are using a Linux variant. DNS does resolve correctly though I did not have them verify the mx record, sent an email to them asking for them to try. I had them try a telnet session to port 25 to our filter by both FQDN and IP address.

arpit,
Are you suggesting I have our public MX record be deleted and added back in? We are not using TLS and prefer not to do so
0
 
LVL 8

Expert Comment

by:Jeff Perry
ID: 39870761
twns.com does not have an spf record.

Ask the hostgator techs if they are configured to require spf records.
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 

Author Comment

by:BERITM
ID: 39870765
Kimputer, how did you try connecting, telnet from a command prompt?
0
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 39870772
Do not delete and recreate your MX record. That is not necessary. They are fine.

This is for sure an issue on the sender's side. Unfortunately, there is nothing you are going to be able to do to prove it. Since your firewall doesn't even show a connection attempt, there are no logs on your side to prove or disprove the issue is on the sender's side. You would need access to the sender's firewall logs.

-JJ
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 39870786
BERITM: yes from command line, telnet
Here's some more info

E:\Documents and Settings\Administrator>telnet 70.167.201.19 25
Connecting To 70.167.201.19...Could not open a connection to host on port 25 : C
onnect failed


E:\Documents and Settings\Administrator>telnet gmail-smtp-in.l.google.com 25
220 mx.google.com ESMTP l41si1522301eew.102 - gsmtp

E:\Documents and Settings\Administrator>tracert 70.167.201.19 25
  5   102 ms   101 ms   105 ms  us-was03a-rd1-xe-0-3-0.aorta.net [84.116.130.66]

  6   115 ms   115 ms   124 ms  us-chi01a-ri2-gi-6-1-0.aorta.net [213.46.190.106
]
  7   115 ms   115 ms   116 ms  68.105.30.241
  8   162 ms   161 ms   162 ms  mcdldsrj01-ae1.0.rd.ph.cox.net [68.1.3.115]
  9   163 ms   163 ms   165 ms  70.169.76.226
 10     *        *        *     Request timed out.
 11     *        *        *     Request timed out.
 12   174 ms   176 ms   171 ms  mail.twns.com [184.183.14.210]
 13   173 ms   170 ms   175 ms  mail2.twns.com [70.167.201.19]
 14     *        *        *     Request timed out.
 15     *        *        *     Request timed out.
 16     *        *        *     Request timed out.
 17     *        *        *     Request timed out.
 18     *        *        *     Request timed out.
 19     *        *        *     Request timed out.
 20     *        *        *     Request timed out.
 21     *        *        *     Request timed out.
 22     *        *        *     Request timed out.
 23     *        *        *     Request timed out.
 24     *        *        *     Request timed out.
 25     *
0
 

Author Comment

by:BERITM
ID: 39870795
Kimputer,
The trace route is good but its odd the telnet attempt failed
0
 

Accepted Solution

by:
BERITM earned 0 total points
ID: 39871071
Turns out the customer was blacklisted at lashback, their service provider is working on resolving the issue.
0
 

Author Closing Comment

by:BERITM
ID: 39882063
mxtoolbox found the source of the problem
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video discusses moving either the default database or any database to a new volume.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now