Solved

Email not going to clients, BDAT after RCPT

Posted on 2014-11-19
4
592 Views
Last Modified: 2014-11-20
senderdomain.com : It's our domain sending emails.

domainA.com: the trouble domain who doesn't receive emails from us with 'BDAT'

domainB.com, domainC.com, domainD.com: These are emails went through successfully. I just show as
examples here to compare.


Our email server:
Exchange 2003 STD
Widnows 2003 STD

I have some clients who don't receive emails at certain time, today, they don't receive emails at all. When I checked Exchange log, it shows BDAT after RCPT which I don't see from successful emails went through. They say that they receive emails from others, but only from us. I replaced domain names and user names as following on the log. What is BDAT and how should I approach to troubleshoot this?
When I checked in Exchange System Manager/Message Tracking, the emails to domainA.com was transfered to the domain at the end. Could it be just their side blocking suddenly?




Exchange log for domainA.com(problem receiving emails from us), domainB.com, domainC.com,domainD.com
============================================
2014-11-19 21:57:27 207.46.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 220+BL2FFO11FD015.mail.protection.outlook.com+Microsoft+ESMTP+MAIL+Service+ready+at+Wed,+19+Nov+2014+21:57:27++0000 0 0 115 0 31 SMTP - - - -
2014-11-19 21:57:27 207.46.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 EHLO - mail.senderdomain.com 0 0 4 0 31 SMTP - - - -
2014-11-19 21:57:27 207.46.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250-BL2FFO11FD015.mail.protection.outlook.com+Hello+[207.237.xxx.xxx] 0 0 69 0 62 SMTP - - - -
2014-11-19 21:57:27 207.46.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 MAIL - FROM:<david@senderdomain.com>+SIZE=3448 0 0 4 0 156 SMTP - - - -
2014-11-19 21:57:27 207.46.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250+2.1.0+Sender+OK 0 0 19 0 234 SMTP - - - -
2014-11-19 21:57:27 207.46.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 RCPT - TO:<reception@domainB.com> 0 0 4 0 234 SMTP - - - -
2014-11-19 21:57:27 207.46.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250+2.1.5+Recipient+OK 0 0 22 0 312 SMTP - - - -
2014-11-19 21:57:27 207.46.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 BDAT - 3448+LAST 0 0 4 0 312 SMTP - - - -
2014-11-19 21:57:29 207.46.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250+2.6.0+<1AFF0FB8CBB3A74EA64367B775D5FC40087EC999@mailsrv.senderdomain.pri>+[InternalId=14916421440636,+Hostname=BY1PR0201MB0951.namprd02.prod.outlook.com]+Queued+mail+for+delivery 0 0 184 0 1953 SMTP - - - -
2014-11-19 21:57:29 207.46.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 QUIT - - 0 0 4 0 1968 SMTP - - - -
2014-11-19 21:57:29 207.46.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 221+2.0.0+Service+closing+transmission+channel 0 0 46 0 2000 SMTP - - - -


2014-11-19 21:47:24 67.231.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250-mx0a-0015f701.pphosted.com+Hello+mail.senderdomain.com+[207.237.xxx.xxx],+pleased+to+meet+you 0 0 97 0 188 SMTP - - - -
2014-11-19 21:47:25 67.231.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 MAIL - FROM:<do-not-reply@senderdomain.com> 0 0 4 0 313 SMTP - - - -
2014-11-19 21:47:25 67.231.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250+2.1.0+Sender+ok 0 0 19 0 406 SMTP - - - -
2014-11-19 21:47:25 67.231.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 RCPT - TO:<userK@domainA.com> 0 0 4 0 406 SMTP - - - -
2014-11-19 21:47:25 67.231.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250+2.1.5+Recipient+ok 0 0 22 0 485 SMTP - - - -
2014-11-19 21:47:25 67.231.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 DATA - - 0 0 4 0 485 SMTP - - - -
2014-11-19 21:47:25 66.225.aaa.aa njr243.littlestationeryfromsanta.me SMTPSVC1 mailsrv 192.168.1.20 0 BDAT - +<fe9a4b73b07911fd6a577fef9c8cdae5.5751508.23540226@njr243.littlestationeryfromsanta.me> 250 0 125 1505 109 SMTP - - - -
2014-11-19 21:47:25 67.231.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 354+Enter+mail,+end+with+"."+on+a+line+by+itself 0 0 48 0 578 SMTP - - - -
2014-11-19 21:47:25 67.231.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250+2.0.0+1qrnrxa1gv-1+Message+accepted+for+delivery 0 0 52 0 1047 SMTP - - - -
2014-11-19 21:47:25 67.231.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 QUIT - - 0 0 4 0 1063 SMTP - - - -
2014-11-19 21:47:25 67.231.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 221+2.0.0+mx0a-0015f701.pphosted.com+Closing+connection 0 0 55 0 1141 SMTP - - - -

2014-11-19 00:10:17 174.143.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 220+server531.appriver.com+ESMTP+srv-b 0 0 38 0 172 SMTP - - - -
2014-11-19 00:10:17 174.143.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 EHLO - mail.senderdomain.com 0 0 4 0 172 SMTP - - - -
2014-11-19 00:10:17 174.143.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250-inbound.appriver.com+we+trust+you+mail.senderdomain.com 0 0 59 0 219 SMTP - - - -
2014-11-19 00:10:17 174.143.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 MAIL - FROM:<do-not-reply@senderdomain.com>+SIZE=7271 0 0 4 0 312 SMTP - - - -
2014-11-19 00:10:17 174.143.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250+do-not-reply@senderdomain.com+sender+accepted 0 0 49 0 375 SMTP - - - -
2014-11-19 00:10:17 174.143.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 RCPT - TO:<userB@domainC.com> 0 0 4 0 375 SMTP - - - -
2014-11-19 00:10:17 174.143.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250+dyanne@domainC.com+will+relay+to+a+client+address 0 0 65 0 422 SMTP - - - -
2014-11-19 00:10:17 174.143.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 DATA - - 0 0 4 0 422 SMTP - - - -
2014-11-19 00:10:17 174.143.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 354+Enter+mail,+end+with+"."+on+a+line+by+itself 0 0 48 0 469 SMTP - - - -
2014-11-19 00:10:18 174.143.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250+328662607+message+accepted+for+delivery 0 0 43 0 578 SMTP - - - -
2014-11-19 00:10:18 174.143.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 QUIT - - 0 0 4 0 594 SMTP - - - -
2014-11-19 00:10:18 174.143.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 221+inbound.appriver.com+SMTP+closing+connection 0 0 48 0 640 SMTP - - - -

2014-11-19 12:20:34 152.163.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250+2.1.0+Ok 0 0 12 0 1359 SMTP - - - -
2014-11-19 12:20:34 152.163.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 RCPT - TO:<userA@domainD.com> 0 0 4 0 1359 SMTP - - - -
2014-11-19 12:20:34 152.163.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250+2.1.5+Ok 0 0 12 0 1375 SMTP - - - -
2014-11-19 12:20:34 152.163.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 DATA - - 0 0 4 0 1375 SMTP - - - -
2014-11-19 12:20:34 152.163.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 354+End+data+with+<CR><LF>.<CR><LF> 0 0 35 0 1375 SMTP - - - -
2014-11-19 12:20:34 152.163.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250+2.0.0+Ok:+queued+as+907D8700000AE 0 0 37 0 1547 SMTP - - - -
2014-11-19 12:20:34 152.163.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 QUIT - - 0 0 4 0 1562 SMTP - - - -
2014-11-19 12:20:34 152.163.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 221+2.0.0+Bye 0 0 13 0 1562 SMTP - - - -








================================================================================
0
Comment
Question by:crcsupport
  • 2
4 Comments
 
LVL 31

Accepted Solution

by:
Gareth Gudger earned 250 total points
ID: 40454123
Not sure if you have seen this. But more info on the BDAT verb here.
http://technet.microsoft.com/en-us/library/aa997593(v=exchg.80).aspx

What are the errors you are seeing in the Queues. Specifically the errors under the Retry Error column?
0
 
LVL 7

Assisted Solution

by:dsnegi_25dec
dsnegi_25dec earned 250 total points
ID: 40454397
Can you try through telnet

Did user's getting any NDR.
0
 
LVL 1

Author Comment

by:crcsupport
ID: 40455479
Thanks.
I Tried to telnet, it was OK right before DATA command. But I didn't proceed further. Then I used online tool to verify the email address, it returned error code related some kind of spam message. Then, hours later, I used the same online tool, the error message was gone. So, I guess they had some filtering issue on their side.

For other readers:

I read the url Gareth posted, BDAT seems like it doesn't scan data part of message as DATA does, so having shorter response from BDAT doesn't seem it's an error.  

2xx  is a SMTP reply code returned from a recipient server that the previous command was OK and accepted. 2.x.x is the old version of SMTP reply code for compatibility. So, in my case, 250 2.6.0 was returned from BDAT, I assume the recipient server accepted the email. From there, it's their responsibility to deliver the email to their users. So, I guess there's not much thing I can do until the administrator of the recipient mail servers fix the issue or call me to do if he needs my cooperation to fix it.

Ref. Online email verifier: http://verify-email.org/
Ref. SMTP code: http://www.unixhub.com/docs/email/SMTPcodes.html

Thank you guys!

-------------------------------------------------------------------------------------------------------------------------------------------
2014-11-19 21:57:27 207.46.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 220+BL2FFO11FD015.mail.protection.outlook.com+Microsoft+ESMTP+MAIL+Service+ready+at+Wed,+19+Nov+2014+21:57:27++0000 0 0 115 0 31 SMTP - - - -
2014-11-19 21:57:27 207.46.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 EHLO - mail.senderdomain.com 0 0 4 0 31 SMTP - - - -
2014-11-19 21:57:27 207.46.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250-BL2FFO11FD015.mail.protection.outlook.com+Hello+[207.237.xxx.xxx] 0 0 69 0 62 SMTP - - - -
2014-11-19 21:57:27 207.46.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 MAIL - FROM:<david@senderdomain.com>+SIZE=3448 0 0 4 0 156 SMTP - - - -
2014-11-19 21:57:27 207.46.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250+2.1.0+Sender+OK 0 0 19 0 234 SMTP - - - -
2014-11-19 21:57:27 207.46.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 RCPT - TO:<reception@domainB.com> 0 0 4 0 234 SMTP - - - -
2014-11-19 21:57:27 207.46.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250+2.1.5+Recipient+OK 0 0 22 0 312 SMTP - - - -
2014-11-19 21:57:27 207.46.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 BDAT - 3448+LAST 0 0 4 0 312 SMTP - - - -
2014-11-19 21:57:29 207.46.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 250+2.6.0+<1AFF0FB8CBB3A74EA64367B775D5FC40087EC999@mailsrv.senderdomain.pri>+[InternalId=14916421440636,+Hostname=BY1PR0201MB0951.namprd02.prod.outlook.com]+Queued+mail+for+delivery 0 0 184 0 1953 SMTP - - - -
2014-11-19 21:57:29 207.46.xxx.xxx OutboundConnectionCommand SMTPSVC1 mailsrv - 25 QUIT - - 0 0 4 0 1968 SMTP - - - -
2014-11-19 21:57:29 207.46.xxx.xxx OutboundConnectionResponse SMTPSVC1 mailsrv - 25 - - 221+2.0.0+Service+closing+transmission+channel 0 0 46 0 2000 SMTP - - - -
-------------------------------------------------------------------------------------------------------------------------------------------
0
 
LVL 1

Author Comment

by:crcsupport
ID: 40455489
For telnet and NDR, if they accept the email and hold it for security scanning such as spam or virus, I guess the recipient mail server won't return NDR immediately to me. Actually I didn't receive any NDR at all until this time.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now