Mail senders from one specific host will not go through to our Exchange 2010
Customers of one big email hosting company do not get through to our server. The hosting company have many servers, but the common denominator of all the people having trouble sending us mail, are that they are sending through one of their servers. As we are not customers of this hostingcompany, I don't get through to their technical staff, so I have to figure this out from my end.
What the SMTP-log tells me, is that the sending server sends an EHLO, a Mail From:, and then QUIT. Mail sent from any other servers work perfectly to my knowledge.
My system is an isa 2004 server in front hosting a microsoft SMTP service on a 2003 server, forwarding to a Norman Email Protection Server as a smart host, in turn coupled to an exchange 2010 server.
Denne meldingen er ikke levert enda. Det blir fortsatt gjort forsøk på å sende den.
*******************************************************************
Translated to English:
Subject: Newspaper add .....
This message is not delivered yet. It will still be attempted delivered.
********************************************************************
Later they get one stating that delivery was unsuccessful.
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
Kash
is it possible to post the sender's domain on here ?
MrWhy
ASKER
It seems their servers are listed in the SORBS database, but to my knowledge no SORBS lookup is activated on my exchange. Could be if it's enabled by default. If so where?
Carl Dula
Do you have a firewall or mail filtering device or service in front of the Exchange Server? For example, might your mail first go to Trend or some other reputation service, and then be forwarded to you if clean.
Do an nslookup on your MX records to see where they point.
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
Senders domains are for example aurskog-sparebank.no, sparebanken-hedmark.no, em1.no.
They all use EVRY as mail-host and SMTP. Servers are for instance mail17.edb.com, mail35.edb.com and mail36.edb.com
The mail36.edb.com are not represented in the SORBS database, but still dont get through.
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
Carl Dula
I have not used Norman EPS, but in reviewing the info for this it seems that your block is likely coming from there. There is a good chance that it would check SORBS and other services. If there is logging on that device, I would look there for more info.
I assume you were at one time able to receive email from this site, but can't any longer. This is symptomatic of a SPAM sender or reputation problem.
Carl Dula
One other observation. It appears that edb.com, aurskog-sparebank.no, sparebanken-hedmark.no, em1.no do not have a valid SPF record. This could also be part of the issue if NEPS is checking for that.
MrWhy
ASKER
Nothing in the NEP logs indicates that these senders are blocked. Besides RBL-lookup is disabled on the Norman EPS in order to diagnose this.
Unlimited question asking, solutions, articles and more.
Carl Dula
OK, but what about NEPS checking for SPAM senders, reputation, or SPF records?
When did this last work?
MrWhy
ASKER
I turned off RBL-checking, Sender reputation, Greylisting, SPF support, Scan attack blocking, Malformed address rejecting, Sender address validating, BATV, DKIM Verification and signing.
I virtually disabled the NEP server except for antivirus and spam-blocking per message. Still these senders don't get through.
Also, the logs does not indicate any blocking. They do for other sites, and these are spammers and should be blocked, but the EVRY-customers does not appear.
Unlimited question asking, solutions, articles and more.
MrWhy
ASKER
I circumvented the problem by eliminating the front SMTP service and forwarding the packets directly to the NEP server. I still have no idea what caused the problem at the smtp service, but I suspect the real problem lied in the senders end, and still lies there. They probably have the same problem with other recipients out there, but now it's someone elses problem. Thank you for your input.
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
MrWhy
ASKER
I circumvented the problem by eliminating the front SMTP service and forwarding the packets directly to the NEP server. I still have no idea what caused the problem at the smtp service, but I suspect the real problem lied in the senders end, and still lies there. They probably have the same problem with other recipients out there, but now it's someone elses problem. Thank you for your input.