Solved

Corporate email is failing intermitently for one user when sending to recipients in other countries from the US

Posted on 2014-12-03
9
110 Views
Last Modified: 2015-03-12
Hello - we have a corporate Exchange 2010 server with about 100 users.  One user is experiencing international email problems for the past couple weeks with email bouncing back to her.  She experiences no problems with domestic recipients, however.  It is also an intermittent issue - sometimes the message to an international recipient will work, while other times it is timing out.  This happens with multiple recipients from different domains, as well.  There appears to be no pattern, as of yet.  there have been multiple failures just this morning.  Not sure how to troubleshoot, but here is the common error between them:

1st MESSAGE:   mfavilli@uol.com.br (mfavilli@uol.com.br) <mailto:mfavilli@uol.com.br>
The server has tried to deliver this message, without success, and has stopped trying. Please try sending this message again. If the problem continues, contact your helpdesk.
#550 4.4.7 QUEUE.Expired; message expired ##

2nd MESSAGE:  contact@qedpackers.com
#554 5.4.4 SMTPSEND.DNS.NonExistentDomain; nonexistent domain ##

3rd MESSAGE:  稲垣慶三 (k.inagaki@lamerco.com) <mailto:k.inagaki@lamerco.com>
The server has tried to deliver this message, without success, and has stopped trying. Please try sending this message again. If the problem continues, contact your helpdesk.

Diagnostic information for administrators:
Generating server: EXCHANGE.lacoinc1.local
k.inagaki@lamerco.com
#550 4.4.7 QUEUE.Expired; message expired ##

4th MESSAGE:  Delivery is delayed to these recipients or groups:

mba@sigma-medical.com.tw

Katherine <mailto:Katherine@sigma-medical.com.tw>

Subject: RE: po#20140521003 please pull in shipping schedule

This message hasn't been delivered yet. Delivery will continue to be attempted.
0
Comment
Question by:Damian_Gardner
  • 6
  • 3
9 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
The location of the recipient shouldn't matter.
Do any others on the same server send to the same domains correctly?
Does the problem continue if used from OWA?

The messages are simply timeouts or queued messages, the NDRs are close to useless. You need to look in your queue viewer to see what is going on when the messages are queued.

Simon.
0
 

Author Comment

by:Damian_Gardner
Comment Utility
Hi Simon - I don't know about other users sending, so I will try sending tests myself, as another user.  Didn't realize the NDRs are useless.  I'll watch the queue viewer then and report back what I see.  thank you
0
 

Author Comment

by:Damian_Gardner
Comment Utility
By the way - I assume I need to watch the queue AS the email is being sent, correct?  there's nothing logged in it? it's real time, I assume
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
The NDRs you have posted are timeouts. Therefore the message will be in the queue until the timeout has been reached - which is 48 hours by default. You don't need to watch it in real time.

However if the end user is getting back an immediately failure, then that can indicate a different problem.

Simon.
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 

Author Comment

by:Damian_Gardner
Comment Utility
Ok - so I did some tests and watched the queue.  For the first one on my list, it looks like the receiving server is doing a reverse lookup and it's not finding our hostname.  Here's the error:

Last Error: 450 4.7.1 Client host rejected: cannot find your hostname, [12.161.143.57]

The FQDN I have in my receive connector is EXCHANGE.LACOINC1.LOCAL, which I believe the server setup itself, on it's own.  Not sure how to be sure what it has to be to satisfy the reverse lookup.
0
 

Author Comment

by:Damian_Gardner
Comment Utility
well - from what I'm seeing, it has something to do with one of two things.  Based on the results from NSLookup when I check the IP address reported in the rejection notification in the message queue (12.161.143.57 - which is the IP address of our ASA firewall gateway), it SEEMS like the FQDN the recipients server is looking for is the name of our OLD Exchange server from months ago (we migrated from "lacomail" to "exchange" server names early this year.  Strange thing is that nobody has complained about email trouble until just recently.  But the result of the NSLookup clearly shows that server name:

> set type=ptr
> 12.161.143.57
Server:  lacoad1.lacoinc1.local
Address:  192.168.1.9

Non-authoritative answer:
57.143.161.12.in-addr.arpa      canonical name = 57.48/28.143.161.12.in-addr.arp
a
57.48/28.143.161.12.in-addr.arpa        name = lacomail.laco.com


The OTHER thing it might be - and I'm not sure on this - is the rejection error from the recipient server states "cannot find your hostname"....which would be the actual name of our email server "EXCHANGE". Our DNS records show a PTR record for EXCHANGE = 12.161.143.51, which is it's own unique IP address, and this is the public address our email server has had for years.  the name was changed, as mentioned, from LACOMAIL to EXCHANGE about 8 months ago.  So - not sure if I need to change the EXCHANGE PTR record to match the .57 address, or what.

thanks for your help
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
Comment Utility
You need to do two things.

1. Ensure that the FQDN on the send connector matches the external PTR on the IP address.
2. Ensure the PTR (aka reverse DNS) has a matching A record.

The real name of the Exchange server doesn't matter, as long as the DNS records all match up.

Poor configuration of the remote servers though - it would have been helpful to NDR the message back immediately with that text rather than doing a temporary failure and then causing the messages to timeout instead.

Simon.
0
 

Author Comment

by:Damian_Gardner
Comment Utility
Sorry for the late response.  Let me check these two points, and let you know.

thanks Simon - I appreciate your help
0
 

Author Comment

by:Damian_Gardner
Comment Utility
Apologize for forgetting to check back.  We found it was a DNS problem with our server IP address.  Thank you for your help.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Easy CSR creation in Exchange 2007,2010 and 2013
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
This Micro Tutorial demonstrates  how Internet marketers work with competitive analysis data, and a common task in data preparation is creating separate column for domains. You will then extract from a list of URLs.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now