?
Solved

Exchange 550 'mailbox unavailable'

Posted on 2015-02-24
7
Medium Priority
?
343 Views
Last Modified: 2015-03-04
Here is the scenario:
We are running one Exchange 2003 server in a small network; server has been running without any issues for years. Server is not blacklisted. Internal email and incoming email are working fine.

The MX record is not the same as the PTR record because the server is collocated and there are 2 outside addressing schemes, one for the LAN, and one for the ISP that controls the pipe to the colo.

Problem:
The PTR record resolves correctly; but suddenly outgoing mail stopped working. The PTR record was established to make SMTP work.  I have an explanation for this that I could post.

I noticed after the outgoing emails stopped, that the machine that holds to PTR record is not reachable by tracert or ping.
The ISP, controller of the PTR record server, claims that the machine does not need to be reachable, as long as the PTR record is resolving on the internet. (really??) MXtoolbox shows the PTR resolution is good and the MX record is good, but the SMTP test there fails.

What I did:
I added 8.8.8.8 to the Exchange servers sender ID and filtering section as external DNS, and most mail now goes out.  (this tells me that the path usually used for SMTP was dead i.e.. (no tracert to the server whose address I was using before this started).  
I looked for answers all over forums but found nothing definitive.

However, some emails are still failing to go out unless I add an SMTP connector for each failed domain recipient.  So far I have added a dozen.   This is getting old. Many of the required additional SMTP resolve to outlook.com.

Question:  what is the real cause of the failure message #5.5.0 smtp;550 Requested action not taken: mailbox unavailable>  Why does adding an SMTP record work, is there a better way, a final fix?
0
Comment
Question by:quaybj
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 300 total points
ID: 40629132
Take a look at the below link which is the great table for 2003 and NDR's.
http://www.computerperformance.co.uk/exchange2003/exchange2003_NDR.htm

Will.
0
 
LVL 40

Accepted Solution

by:
footech earned 1200 total points
ID: 40629770
SMTP delivery is possible without a PTR record, it's just that many recipients do a check of the PTR record as an anti-spam check.  Many recipients will also check the sending IP's PTR record and verify that for the name referenced by it, there is an A record with the same name which resolves to the same IP.

It's not necessary for the the sending server to respond to pings.

To me it sounds a bit like you're having name resolution problems.  I would verify name resolution for a variety of domains from the Exchange server.
0
 

Author Comment

by:quaybj
ID: 40634223
Footech,

I  accept that the sending server does not have to respond to pings.  Does the same go for tracert even after 80 hops?  

Through dcdiag, I did find an internal  DNS replication issue, and invalid root hints.  which  I have to deal with before I can move forward.  The Exchange server is trying to talk to an AD server that is slow and far away (and not replicating), instead of to the one right next to it in the rack.  This might be the issue, but.....

Meantime, I also found that just about all of the SMTP errors are coming from a server hosted by Microsoft.  the full message is The remote host "65.55.92.168", responded to the SMTP command "rcpt" with "550 Requested action not taken: mailbox unavailable ".  Why is this particular server involved and the one causing all the issues?  It's giving this response and failing spam as well as legitimate messages.

I used smtpdiag and dnsdiag and found that the server is resolving on external email  domains 100%, but email sent to those domains is still failing. I continue to create connectors for each failed domain and this continues to work every time.

I found the Exchange 2003 routing document and am reading it.  

Further thoughts?
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 40

Expert Comment

by:footech
ID: 40634583
I don't understand the question about tracert.  Tracert essentially tries to ping all the routing points along a network path.  80 hops is a lot.  I don't ever remember seeing one over 20.  I don't use tracert much but if I remember right it can generate a lot of "request timed out" entries when something isn't responding.

Unfortunately I don't have an answer as to why it's failing, or why creating a connector would allow it to succeed.  The only time creating a connector solved an issue for me was when the MX record wasn't resolving properly for some reason.  A quick search also suggests that the SMTP error can be seen when your IP is blacklisted, but then in that case I wouldn't expect that creating a connector would change anything.
0
 

Author Comment

by:quaybj
ID: 40642684
Still working this problem.  SMTP seemingly fixed itself.  Now I have to remove the connector or the messages are stuck in the queue.  more later....
0
 

Author Comment

by:quaybj
ID: 40645132
This righted itself.  I beleive it was because replication between the 2 DC's stopped.  Now that replication is OK again, the SMTP issue went away.  I don't like mystery solutions, but I can only see this as the cause of the problem.
0
 

Author Closing Comment

by:quaybj
ID: 40645140
I did not select my own reason for accepting the comment, so i don't know why i have to comment on my comment.  However, Will Szymkowski's comment led me deeper into SMTP logs than i have ever been - very interesting.  and Footech's mention of name resolution led me to the deep DNS probe, which i think was the solution to the problem.

Thanks to you both.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month8 days, 16 hours left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question