Solved

Exchange 2003, mdaemon

Posted on 2014-07-31
9
338 Views
Last Modified: 2014-08-14
Hello:

We used to use mdaemon as our email program inhouse, then we migrated to Outlook 2003.  However some users did not get fully migrated, they stayed on mdaemon using the Outlook connector. In general it works well, however things are odd with a few users when they send new emails to a specific account, let's call it john@john.com. When john sends and email and they respond, there is no problem, but when one of these users that are on mdaemon send a new email to john@john.com it does not reach its destination. I would like to see what's going on. What can I look at to try to fix this problem? I've thought of deleting the account and creating a nuew one, but this is problematic becuase of all the emails send and received over the years. Can someone shed some light as to how I can track down via logs and see what's the problem. IS there some black / white list? thanks.
0
Comment
Question by:CEGE
  • 5
  • 4
9 Comments
 
LVL 1

Expert Comment

by:Robert Hall
ID: 40243263
If I understand your post correctly, this issue only exists for users on Mdaemon.  True?

If john@john.com sends a message to jane@john.com, Jane gets the message.  If Jane replies to John, he receives her reply.  Correct?

If Jane composes a new message addressed to john@john.com, the message never reaches John's Inbox, correct?

After Jane sends the message, does she receive a transient delivery failure notice after 60 minutes, stating that the message has not yet been sent but the server will continue to try for up to 5 days?

What level of logging do you have enabled in MDaemon? Go to MDaemon's GUI, select Setup, Server Settings.  Expand the Logging node and select Log Mode.  Record your current settings so you can restore them later.

Ideally you will have 'Log everything into separate files based on the date'.  Note the value for 'Put log files into this folder'.

Recreate the scenario of jane@john.com sending a new message to john@john.com.  

Now browse to the folder where the log files are written and open the file called MDaemon-YYYYMMDD-SMTP-(in).log.

Find the session where Jane sends John the message.  At the beginning of each line is a date/time stamp and a session number.  These look like this:

Tue 2014-08-05 00:01:40: [558907]

In this case, 558907 is the session number.  Scroll to the top of the session for Jane's message to John, highlight all lines that contain the session number, copy and paste those lines into this case and we'll go from here with looking for your problem.
0
 
LVL 1

Author Comment

by:CEGE
ID: 40245720
Hello:

Thanks so much for getting back to me. I've since opened up a case w Mdaemon and they are looking at the logs. I am attaching them because the problema is still not resolved. I couldn't upload the others becuase it's in the banned list, "HIwater.mrk"

Regards,
Joseph
Monday-SMTP-info.zip
0
 
LVL 1

Expert Comment

by:Robert Hall
ID: 40245783
I am assuming that the final message in the SMTP (in) log file is a sample of the problem sending and receiving accounts - this is the only complete session log contained in the file.

Please confirm that a.delamo has an account in MDaemon.

Refer to the attached flow chart.  Look for the comment in forth column from left 'At this point the SMTP server is done.  The MTA takes over from here'.  The message sent from ruben has been successfully received by MDaemon and you are now 'At this point.....'.  Go to the top of the right-most column.  You need to check the logs for Antivirus, Outbreak Protection, Spam Filter, Content Filter, etc. in sequence to watch the message move through the MTA.  The message *should* arrive in a.delamo's Inbox.  Why it is not reaching the inbox should be revealed by following the message as it moves through the various processes mentioned above.
MDaemon-SMTP-Work-Flow.png
0
 
LVL 1

Author Comment

by:CEGE
ID: 40248636
Hello:

Thank you fr yr help. Let's see. I have an example of a test I tried with another mdaemon user. This person sent an email to a user from another domain and also that in exchange server.

The problem I think is with unknown users going to exchange server. I have it set that they should go to the exchange server and use the original sender. However the message get stuck in the retry queue. I don't know how I can fix this.

Here's what the user got back:

MDaemon is configured to automatically retry delivery at configured intervals.  Subsequent attempts to deliver this message are pending.

--- Session Transcript ---
 Fri 2014-08-08 14:17:57: Session 815962; child 0001  Fri 2014-08-08 14:17:57: Parsing message <xxxxxxxxxxxxxxxxxxxxxxxx\pd50000067950.msg>
 Fri 2014-08-08 14:17:57: *  From: Trias@celo.com  Fri 2014-08-08 14:17:57: *  To: kbiro@apolo.es  Fri 2014-08-08 14:17:57: *  Subject: test  Fri 2014-08-08 14:17:57: *  Size (bytes): 26386  Fri 2014-08-08 14:17:57: *  Message-ID: <006d01cfb2fa$44c8c450$ce5a4cf0$@celo.com>
 Fri 2014-08-08 14:17:57: *  Route slip host: [celoexchange.celo-apolo.net]  Fri 2014-08-08 14:17:57: *  Route slip port: 25  Fri 2014-08-08 14:17:57: Attempting SMTP connection to [celoexchange.celo-apolo.net]  Fri 2014-08-08 14:17:57: Attempting SMTP connection to [celoexchange.celo-apolo.net:25]  Fri 2014-08-08 14:17:57: Resolving A record for [celoexchange.celo-apolo.net] (DNS Server: 192.168.2.25)...
 Fri 2014-08-08 14:17:57: *  D=celoexchange.celo-apolo.net TTL=(20) A=[192.168.2.17]  Fri 2014-08-08 14:17:57: Attempting to send message to smart host  Fri 2014-08-08 14:17:57: Attempting SMTP connection to [192.168.2.17:25]  Fri 2014-08-08 14:17:57: Waiting for socket connection...
 Fri 2014-08-08 14:17:57: *  Connection established (192.168.2.28:63899 -> 192.168.2.17:25)  Fri 2014-08-08 14:17:57: Waiting for protocol to start...
 Fri 2014-08-08 14:17:57: <-- 220 celo.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at  Fri, 8 Aug 2014 14:17:57 +0200  Fri 2014-08-08 14:17:57: --> EHLO mail1.celo.com  Fri 2014-08-08 14:17:57: <-- 250-celo.com Hello [192.168.2.28]  Fri 2014-08-08 14:17:57: <-- 250-TURN  Fri 2014-08-08 14:17:57: <-- 250-SIZE  Fri 2014-08-08 14:17:57: <-- 250-ETRN  Fri 2014-08-08 14:17:57: <-- 250-PIPELINING  Fri 2014-08-08 14:17:57: <-- 250-DSN  Fri 2014-08-08 14:17:57: <-- 250-ENHANCEDSTATUSCODES  Fri 2014-08-08 14:17:57: <-- 250-8bitmime  Fri 2014-08-08 14:17:57: <-- 250-BINARYMIME  Fri 2014-08-08 14:17:57: <-- 250-CHUNKING  Fri 2014-08-08 14:17:57: <-- 250-VRFY  Fri 2014-08-08 14:17:57: <-- 250-X-EXPS GSSAPI NTLM LOGIN  Fri 2014-08-08 14:17:57: <-- 250-X-EXPS=LOGIN  Fri 2014-08-08 14:17:57: <-- 250-AUTH GSSAPI NTLM LOGIN  Fri 2014-08-08 14:17:57: <-- 250-AUTH=LOGIN  Fri 2014-08-08 14:17:57: <-- 250-X-LINK2STATE  Fri 2014-08-08 14:17:57: <-- 250-XEXCH50  Fri 2014-08-08 14:17:57: <-- 250 OK  Fri 2014-08-08 14:17:57: --> MAIL From:<Trias@celo.com> SIZE=26386  Fri 2014-08-08 14:17:57: <-- 250 2.1.0 Trias@celo.com....Sender OK  Fri 2014-08-08 14:17:57: --> RCPT To:<kbiro@apolo.es>  Fri 2014-08-08 14:18:02: <-- 550 5.1.1 User unknown  Fri 2014-08-08 14:18:02: This message is 60 minutes old; it has 0 minutes left in this queue  Fri 2014-08-08 14:18:02: Remote queue lifetime exceeded; message placed in retry queue
--- End Transcript ---
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 1

Expert Comment

by:Robert Hall
ID: 40250182
It is difficult to read the details of the connection between MDaemon and Exchange contained in the temporary delivery failure notice because the CR/LF are removed.  If you add back the new lines, the problem becomes clear:

 Fri 2014-08-08 14:17:57: --> MAIL From:<Trias@celo.com> SIZE=26386  
 Fri 2014-08-08 14:17:57: <-- 250 2.1.0 Trias@celo.com....Sender OK  
 Fri 2014-08-08 14:17:57: --> RCPT To:<kbiro@apolo.es>  
 Fri 2014-08-08 14:18:02: <-- 550 5.1.1 User unknown  


MDaemon connects successfully to your Exchange server but when MD tells Exchange it has a message for kbiro@apolo.es, Exchange replies that it doesn't have an account called kbiro@apolo.es.

Should an account exist for kbiro@apolo.es on your Exchange server?  If yes, then create the account in Exchange.

If no, why is MDaemon attempting to send that message to Exchange?
Transcript.txt
0
 
LVL 1

Accepted Solution

by:
Robert Hall earned 500 total points
ID: 40250197
You said:

"The problem I think is with unknown users going to exchange server. I have it set that they should go to the exchange server and use the original sender."

So MDaemon is doing what you expect it to.  The problem is that the account doesn't exist on Exchange, so the message is rejected (as it should be!).  MDaemon retries at 1-minute intervals for the first hour, then at four-hour intervals for 5 days (these are the default timer values).  At the end of 5-days, the original sender will receive a permanent delivery failure notice and MDaemon will place the message in the Bad queue.
0
 
LVL 1

Author Comment

by:CEGE
ID: 40250735
Hello:

Thanks for clarifying that. I see what you're saying. Now I see what the problem is. In exchange it's set up to receive email from 3 domains, the main one and 2 alternates. I found this article.   http://support.microsoft.com/kb/268838/en-us   And it's set up like this, but it doesn't seem to be working. We have 3 domains and one is the main one and that one is working. In outlook when I set up a new profile, I just put the internal server name, and the user name. Exchange is then in charge of forwarding the email messages.  I was testing it out my my account, which is only in Exchange and it's not getting delivered to the other accounts, only the main one. How can I fix this?
0
 
LVL 1

Expert Comment

by:Robert Hall
ID: 40252507
Sorry, but all of my email server experience is MDaemon-specific. I'm unable to assist with Exchange configuration issues.
0
 
LVL 1

Author Closing Comment

by:CEGE
ID: 40261831
Thank you. This seems to be working fine now.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Suggested Solutions

Easy CSR creation in Exchange 2007,2010 and 2013
This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now