Solved

Remoter Server Closed Connection

Posted on 2014-03-11
16
189 Views
Last Modified: 2014-03-26
We are using M.Exchange 2010.

Some of our recipient has been complaining that they receive a bounce back message with the NDR

The following recipient(s) could not be reached:
Remote server closed connection.

****** MAIL SERVER MESSAGE ******

We are still receive emails from them but it seems to be intermittent.

Could you provide any Que to this issue?
0
Comment
Question by:patcheah
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 5
  • 2
16 Comments
 
LVL 22

Expert Comment

by:David Atkin
ID: 39921174
Hello,

Can you give us the NDR? This will be key to finding out where the problem lies.
0
 

Author Comment

by:patcheah
ID: 39921186
The NDR is very general

Your message did not reach some or all of the intended recipients.

   Sent: Tue, 11 Mar 2014 17:14:04 +0800
   Subject: RE: Faraday Files Uploaded to FTP

The following recipient(s) could not be reached:

cscheah@q-value.com
Remote server closed connection.
fpsoo@q-value.com
Remote server closed connection.
owsc@q-value.com
Remote server closed connection.
stlim@q-value.com
Remote server closed connection.
winston@q-value.com
Remote server closed connection.
wkwong@q-value.com
Remote server closed connection.
ytyong@q-value.com
Remote server closed connection.
Tried 7 time(s)



****** MAIL SERVER MESSAGE ******
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 39921266
Have you checked to see if your domain is on a blacklist?

Is it just with this one client?
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:patcheah
ID: 39922225
no, my domain is clean.

so far there is 2 domains affected, im not sure there are from same email hosting company.
0
 

Author Comment

by:patcheah
ID: 39922307
NDR from this sender:

mailer-daemon@ms-virgo.securen.net

any clue?
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 39922783
It might be worth checking your tracking logs in Exchange to see if it gives any further information.

I would raise the issue with your clients IT departments.  It doesn't look like an Exchange generated NDR to me.
0
 

Author Comment

by:patcheah
ID: 39922787
Hi David Atkin

Thanks. This is what i thought. Without doing anything, now we are able to receive email from the client.

I would ask the client to request the log from their hosting provider to see what when wrong.
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 39922790
Let us know how you get on.

Thanks
0
 

Author Comment

by:patcheah
ID: 39922992
Hi,

still a very general log from sender hosting company, both supplier are confirm host at same hosting company. attached below.


"SMTPC" 3660 807858 "2014-03-10 21:10:40.231" "111.90.137.245" "RECEIVED: 220 *************************************************************************************************"
"SMTPC" 3660 807858 "2014-03-10 21:10:40.231" "111.90.137.245" "SENT: HELO ms-ursa.securen.net"
"SMTPC" 3660 807858 "2014-03-10 21:10:40.231" "111.90.137.245" "RECEIVED: 250 qvalueexsvr001.qvalue.local Hello [112.137.166.26]"
"SMTPC" 3660 807858 "2014-03-10 21:10:40.231" "111.90.137.245" "SENT: MAIL FROM:<zamir@ekogrp.com.my>"
"SMTPC" 3660 807858 "2014-03-10 21:10:40.231" "111.90.137.245" "RECEIVED: 250 2.1.0 Sender OK"
"SMTPC" 3660 807858 "2014-03-10 21:10:40.231" "111.90.137.245" "SENT: RCPT TO:<qveng@q-value.com>"
"SMTPC" 3644 807858 "2014-03-10 21:10:40.247" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 3644 807858 "2014-03-10 21:10:40.247" "111.90.137.245" "SENT: RCPT TO:<winston@q-value.com>"
"SMTPC" 3644 807858 "2014-03-10 21:10:40.247" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 3644 807858 "2014-03-10 21:10:40.247" "111.90.137.245" "SENT: DATA"
"SMTPC" 3644 807858 "2014-03-10 21:10:40.263" "111.90.137.245" "RECEIVED: 354 Start mail input; end with <CRLF>.<CRLF>"


"SMTPC" 22496 194753 "2014-03-11 23:28:15.934" "111.90.137.245" "RECEIVED: 220 *************************************************************************************************"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.934" "111.90.137.245" "SENT: HELO ms-virgo.securen.net"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.950" "111.90.137.245" "RECEIVED: 250 qvalueexsvr001.qvalue.local Hello [202.71.99.245]"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.950" "111.90.137.245" "SENT: MAIL FROM:<csliung@triplus.com.my>"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.950" "111.90.137.245" "RECEIVED: 250 2.1.0 Sender OK"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.950" "111.90.137.245" "SENT: RCPT TO:<cscheah@q-value.com>"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.950" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.950" "111.90.137.245" "SENT: RCPT TO:<fpsoo@q-value.com>"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.950" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.950" "111.90.137.245" "SENT: RCPT TO:<owsc@q-value.com>"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.965" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.965" "111.90.137.245" "SENT: RCPT TO:<stlim@q-value.com>"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.965" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.965" "111.90.137.245" "SENT: RCPT TO:<winston@q-value.com>"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.965" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.965" "111.90.137.245" "SENT: RCPT TO:<wkwong@q-value.com>"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.965" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.981" "111.90.137.245" "SENT: RCPT TO:<ytyong@q-value.com>"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.981" "111.90.137.245" "RECEIVED: 250 2.1.5 Recipient OK"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.981" "111.90.137.245" "SENT: DATA"
"SMTPC" 22496 194753 "2014-03-11 23:28:15.981" "111.90.137.245" "RECEIVED: 354 Start mail input; end with <CRLF>.<CRLF>"


i check my transaction logs, v14>transportrules>logs>connectivity

didnt show any error as well

Thanks
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 39923013
Doesn't give us a great deal to go with really.  

Did you send a large attachment with the email or anything?  

Either way the error looks as though it resides on their server to me.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39923095
Someone has a Cisco PIX or ASA device.
If that is the case, then you need to disable the FIXUPSMTP, MailGuard feature.

http://support.microsoft.com/kb/320027

Simon.
0
 

Author Comment

by:patcheah
ID: 39923541
Hi Simon,

Yes, we do have a asa ciso firewall, will have a look on it.

Thanks
0
 

Author Comment

by:patcheah
ID: 39923561
Hi David,

Just a normal email size, less than 1mb. It happens on and off, intermittently.
0
 

Author Comment

by:patcheah
ID: 39928227
HI Simon,

Datacenter guy claim that the model of cisco asa 5550 no longer have the feature of ,

"FIXUPSMTP, MailGuard feature"

still happens intermittently, what other area i can try to investigate?

Thank
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39928883
Data centre guy is wrong. That is the cause of the *************** in the log file.
It is called something else in later versions of the Cisco operating system, I cannot recall what it is called now (gave up on Cisco years ago).

Simon.
0
 

Author Comment

by:patcheah
ID: 39957995
Hi Simon,

You are right! data center guy problem!

"FIXUPSMTP, MailGuard feature"

This fixed the problem! issue resolved!

Thanks
0

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question