[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 309
  • Last Modified:

Email issue

We have a customer who's unable to deliver email to us, no one else that I'm aware of is having this issue. They're mail provider is hostgator.com and I've worked with their support staff to try and resolve and we aren't making any headway. We have an inbound spam filter and the logs do not indicate a connection attempt from abc.com, nor do the firewall logs show a connection attempt - watched them real-time. I have verified on both the firewall and spam filter their domain and IP address is not being blocked.

A traceroute and DNS lookup from their mail server work properly. I have verified our domain is clean, not on any blacklists. Below are the logs from their attempt to send email to us from trouble domain.  

2014-02-18 14:51:46 1WFrdq-00072o-So <= test@abc.com H=localhost.localdomain (192.232.201.71) [127.0.0.1]:60990 I=[127.0.0.1]:25 P=esmtpa A=dovecot_login:test@abc.com S=638 id=a0322880150e6dc38e6891ae2d832634@abc.com T="gatoraustin2" from <hgtest@abc.com> for rlivermore@twns.com
2014-02-18 14:51:46 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1WFrdq-00072o-So
2014-02-18 14:51:46 1WFrdq-00072o-So SMTP connection outbound 1392756706 1WFrdq-00072o-So abc.com rlivermore@twns.com
2014-02-18 14:52:50 1WFrdq-00072o-So mail2.twns.com [70.167.201.19] Connection timed out
2014-02-18 14:52:50 1WFrdq-00072o-So == rlivermore@twns.com R=lookuphost T=remote_smtp defer (110): Connection timed out
0
BERITM
Asked:
BERITM
  • 5
  • 2
  • 2
  • +3
1 Solution
 
Dave GouldCommented:
The problem sounds 99% certain to be on your customers mail system.
What mail system are they using?
Are they sure that they are using the DNS and dont have any false configs somewhere?
When they said that they tested DNS, did they run an nslookup from their mail server?
Did they specify that the should look at the MX record or did you give them the server name?
Can they try a manual telnet to port 25 to your inbound mail server from their mail server? If so can they emulate the smtp protocol and send a mail manually?
ie ...
telnet yourmailserver.com 25
helo yourmaildomain
mail from: <any.user@theirdomain.com>
rcpt to: <any.user@yourdomain.com>
data
blah blah blah
.
quit
0
 
Arpit BajpaiCo-founder/DirectorCommented:
Hi looking at the logs I can see you are trying to send email via port 25..which now days is blocked by default.

Try the following steps.
Delete the MX records and put them back... (only 5% chances that this will work
Change the port on local server to 587 using security TLS.


I hope this will help. further more let me know the domain name in private so that i can run some tests.

Thanks
Arpit.
0
 
Jamie McKillopCommented:
Hello,

This isn't a DNS issue as the logs show the IP is resolving correctly. It is the same IP I get when I do a lookup. Have they tried to telnet to port 25 of your server from their server?

-JJ
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
KimputerCommented:
Please note I cannot connect to mail2.twns.com [70.167.201.19] either (both port 25 and 587) (it's also the current MX record on my side. so it's not a DNS problem either on the customer's side)
I'm not so sure it's a problem on the customer's side!
0
 
BERITMAuthor Commented:
trappa01, it does appear to be a problem on their end but unless I can somehow prove it then it becomes a silly finger pointing contest. They are using a Linux variant. DNS does resolve correctly though I did not have them verify the mx record, sent an email to them asking for them to try. I had them try a telnet session to port 25 to our filter by both FQDN and IP address.

arpit,
Are you suggesting I have our public MX record be deleted and added back in? We are not using TLS and prefer not to do so
0
 
Jeff PerryWindows AdministratorCommented:
twns.com does not have an spf record.

Ask the hostgator techs if they are configured to require spf records.
0
 
BERITMAuthor Commented:
Kimputer, how did you try connecting, telnet from a command prompt?
0
 
Jamie McKillopCommented:
Do not delete and recreate your MX record. That is not necessary. They are fine.

This is for sure an issue on the sender's side. Unfortunately, there is nothing you are going to be able to do to prove it. Since your firewall doesn't even show a connection attempt, there are no logs on your side to prove or disprove the issue is on the sender's side. You would need access to the sender's firewall logs.

-JJ
0
 
KimputerCommented:
BERITM: yes from command line, telnet
Here's some more info

E:\Documents and Settings\Administrator>telnet 70.167.201.19 25
Connecting To 70.167.201.19...Could not open a connection to host on port 25 : C
onnect failed


E:\Documents and Settings\Administrator>telnet gmail-smtp-in.l.google.com 25
220 mx.google.com ESMTP l41si1522301eew.102 - gsmtp

E:\Documents and Settings\Administrator>tracert 70.167.201.19 25
  5   102 ms   101 ms   105 ms  us-was03a-rd1-xe-0-3-0.aorta.net [84.116.130.66]

  6   115 ms   115 ms   124 ms  us-chi01a-ri2-gi-6-1-0.aorta.net [213.46.190.106
]
  7   115 ms   115 ms   116 ms  68.105.30.241
  8   162 ms   161 ms   162 ms  mcdldsrj01-ae1.0.rd.ph.cox.net [68.1.3.115]
  9   163 ms   163 ms   165 ms  70.169.76.226
 10     *        *        *     Request timed out.
 11     *        *        *     Request timed out.
 12   174 ms   176 ms   171 ms  mail.twns.com [184.183.14.210]
 13   173 ms   170 ms   175 ms  mail2.twns.com [70.167.201.19]
 14     *        *        *     Request timed out.
 15     *        *        *     Request timed out.
 16     *        *        *     Request timed out.
 17     *        *        *     Request timed out.
 18     *        *        *     Request timed out.
 19     *        *        *     Request timed out.
 20     *        *        *     Request timed out.
 21     *        *        *     Request timed out.
 22     *        *        *     Request timed out.
 23     *        *        *     Request timed out.
 24     *        *        *     Request timed out.
 25     *
0
 
BERITMAuthor Commented:
Kimputer,
The trace route is good but its odd the telnet attempt failed
0
 
BERITMAuthor Commented:
Turns out the customer was blacklisted at lashback, their service provider is working on resolving the issue.
0
 
BERITMAuthor Commented:
mxtoolbox found the source of the problem
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 5
  • 2
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now