Solved

Remoter Server Closed Connection

Posted on 2014-03-11
16
184 Views
Last Modified: 2014-03-26
We are using M.Exchange 2010.

Some of our recipient has been complaining that they receive a bounce back message with the NDR

The following recipient(s) could not be reached:
Remote server closed connection.

****** MAIL SERVER MESSAGE ******

We are still receive emails from them but it seems to be intermittent.

Could you provide any Que to this issue?
0
Comment
Question by:patcheah
  • 9
  • 5
  • 2
16 Comments
 
LVL 22

Expert Comment

by:David Atkin
ID: 39921174
Hello,

Can you give us the NDR? This will be key to finding out where the problem lies.
0
 

Author Comment

by:patcheah
ID: 39921186
The NDR is very general

Your message did not reach some or all of the intended recipients.

   Sent: Tue, 11 Mar 2014 17:14:04 +0800
   Subject: RE: Faraday Files Uploaded to FTP

The following recipient(s) could not be reached:

cscheah@q-value.com
Remote server closed connection.
fpsoo@q-value.com
Remote server closed connection.
owsc@q-value.com
Remote server closed connection.
stlim@q-value.com
Remote server closed connection.
winston@q-value.com
Remote server closed connection.
wkwong@q-value.com
Remote server closed connection.
ytyong@q-value.com
Remote server closed connection.
Tried 7 time(s)



****** MAIL SERVER MESSAGE ******
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 39921266
Have you checked to see if your domain is on a blacklist?

Is it just with this one client?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:patcheah
ID: 39922225
no, my domain is clean.

so far there is 2 domains affected, im not sure there are from same email hosting company.
0
 

Author Comment

by:patcheah
ID: 39922307
NDR from this sender:

mailer-daemon@ms-virgo.securen.net

any clue?
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 39922783
It might be worth checking your tracking logs in Exchange to see if it gives any further information.

I would raise the issue with your clients IT departments.  It doesn't look like an Exchange generated NDR to me.
0
 

Author Comment

by:patcheah
ID: 39922787
Hi David Atkin

Thanks. This is what i thought. Without doing anything, now we are able to receive email from the client.

I would ask the client to request the log from their hosting provider to see what when wrong.
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 39922790
Let us know how you get on.

Thanks
0
 

Author Comment

by:patcheah
ID: 39922992
Hi,

still a very general log from sender hosting company, both supplier are confirm host at same hosting company. attached below.


"SMTPC" 3660 807858 "2014-03-10 21:10:40.231" "111.90.137.245" "RECEIVED: 220 *************************************************************************************************"
"SMTPC" 3660 807858 "2014-03-10 21:10:40.231" "111.90.137.245" "SENT: HELO ms-ursa.securen.net"
"SMTPC" 3660 807858 "2014-03-10 21:10:40.231" "111.90.137.245" "RECEIVED: 250 qvalueexsvr001.qvalue.local Hello [112.137.166.26]"
"SMTPC" 3660 807858 "2014-03-10 21:10:40.231" "111.90.137.245" "SENT: MAIL FROM:<zamir@ekogrp.com.my>"
"SMTPC" 3660 807858 "2014-03-10 21:10:40.231" "111.90.137.245" "RECEIVED: 250 2.1.0 Sender OK"
"SMTPC" 3660 807858 "2014-03-10 21:10:40.231" "111.90.137.245" "SENT: RCPT TO:<qveng@q-value.com>"
"SMTPC" 3644 807858 "2014-03-10 21:10:40.247" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 3644 807858 "2014-03-10 21:10:40.247" "111.90.137.245" "SENT: RCPT TO:<winston@q-value.com>"
"SMTPC" 3644 807858 "2014-03-10 21:10:40.247" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 3644 807858 "2014-03-10 21:10:40.247" "111.90.137.245" "SENT: DATA"
"SMTPC" 3644 807858 "2014-03-10 21:10:40.263" "111.90.137.245" "RECEIVED: 354 Start mail input; end with <CRLF>.<CRLF>"


"SMTPC" 22496 194753 "2014-03-11 23:28:15.934" "111.90.137.245" "RECEIVED: 220 *************************************************************************************************"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.934" "111.90.137.245" "SENT: HELO ms-virgo.securen.net"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.950" "111.90.137.245" "RECEIVED: 250 qvalueexsvr001.qvalue.local Hello [202.71.99.245]"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.950" "111.90.137.245" "SENT: MAIL FROM:<csliung@triplus.com.my>"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.950" "111.90.137.245" "RECEIVED: 250 2.1.0 Sender OK"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.950" "111.90.137.245" "SENT: RCPT TO:<cscheah@q-value.com>"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.950" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.950" "111.90.137.245" "SENT: RCPT TO:<fpsoo@q-value.com>"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.950" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.950" "111.90.137.245" "SENT: RCPT TO:<owsc@q-value.com>"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.965" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.965" "111.90.137.245" "SENT: RCPT TO:<stlim@q-value.com>"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.965" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.965" "111.90.137.245" "SENT: RCPT TO:<winston@q-value.com>"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.965" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.965" "111.90.137.245" "SENT: RCPT TO:<wkwong@q-value.com>"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.965" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.981" "111.90.137.245" "SENT: RCPT TO:<ytyong@q-value.com>"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.981" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.981" "111.90.137.245" "SENT: DATA"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.981" "111.90.137.245" "RECEIVED: 354 Start mail input; end with <CRLF>.<CRLF>"


i check my transaction logs, v14>transportrules>logs>connectivity

didnt show any error as well

Thanks
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 39923013
Doesn't give us a great deal to go with really.  

Did you send a large attachment with the email or anything?  

Either way the error looks as though it resides on their server to me.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39923095
Someone has a Cisco PIX or ASA device.
If that is the case, then you need to disable the FIXUPSMTP, MailGuard feature.

http://support.microsoft.com/kb/320027

Simon.
0
 

Author Comment

by:patcheah
ID: 39923541
Hi Simon,

Yes, we do have a asa ciso firewall, will have a look on it.

Thanks
0
 

Author Comment

by:patcheah
ID: 39923561
Hi David,

Just a normal email size, less than 1mb. It happens on and off, intermittently.
0
 

Author Comment

by:patcheah
ID: 39928227
HI Simon,

Datacenter guy claim that the model of cisco asa 5550 no longer have the feature of ,

"FIXUPSMTP, MailGuard feature"

still happens intermittently, what other area i can try to investigate?

Thank
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39928883
Data centre guy is wrong. That is the cause of the *************** in the log file.
It is called something else in later versions of the Cisco operating system, I cannot recall what it is called now (gave up on Cisco years ago).

Simon.
0
 

Author Comment

by:patcheah
ID: 39957995
Hi Simon,

You are right! data center guy problem!

"FIXUPSMTP, MailGuard feature"

This fixed the problem! issue resolved!

Thanks
0

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question