Exchange send issue - 7.7.1
We are having a weird e-mail problem which so far neither myself or two other technical staff can work out.
We have a single domain AD network with an on premise Exchange 2010 server. We have a problem when sending to one domain certain types of message. All other mail flow is working fine.
We have a small company who we work with and they have an office 365 subscription via Go Daddy. We have been working with them for about 10 weeks and had no issues until Friday. The problem we are facing now is that we can send then a new e-mail with fresh content but we can't forward or reply messages to them. The message we get back is:
__________________________
Requested rejected your message to the following e-mail addresses:
Toby surname (ti@domain.london)
Requested gave this error:
Delivery not authorized, message refused
A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.
Paul Surname (pb@domain.london)
Requested gave this error:
Delivery not authorized, message refused
A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.
Diagnostic information for administrators:
Generating server: MERCURY.domain.local
ti@fulcrum.london
Requested #571 Delivery not authorized, message refused ##
pb@domain.london
Requested #571 Delivery not authorized, message refused ##
Original message headers:
Received: from MERCURY.domain.local ([::1]) by MERCURY.domain.local ([::1]) with
mapi id 14.03.0301.000; Mon, 4 Jul 2016 15:15:30 +0100
From: Chris surname <chris@domain.co.uk>
To: Toby surname <ti@domain.london>, Damian surname
<damian@3rdparty.co.uk>
Subject: RE: Go Daddy Login
Thread-Topic: Go Daddy Login
Thread-Index: AdHV/NkDlrxReQw4TBm44KwhRy
Date: Mon, 4 Jul 2016 14:15:29 +0000
Message-ID: <8B94D972F0D5FD4EB4CE6CE9A
References: <HE1PR0101MB22666494C4311E
In-Reply-To: <HE1PR0101MB22666494C4311E
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.111.27]
x-esetresult: clean, is OK
x-esetid: 1128DF3F49694833436D86
x-disclaimit-status: OrgId:08ae8c058aaf4ed4b8da
AppliedRule:cb376e9d82824e
x-disclaimit-agent: Server:MERCURY; Version:4.70.473
Content-Type: multipart/related;
boundary="_004_8B94D972F0D
type="multipart/alternativ
MIME-Version: 1.0
The failure comes back very fast which leads me to believe that its our server reporting a fault however I have looked on other posts and the majority point to our IP or domain being blacklisted with the company we are sending this. This does quite make sense if a new and clean e-mail get through?
if anyone can shed any light on this it would be much appreciated. I am not keen on making any changes on our servers as there have been no other e-mail issues today.
Many Thanks
We have a single domain AD network with an on premise Exchange 2010 server. We have a problem when sending to one domain certain types of message. All other mail flow is working fine.
We have a small company who we work with and they have an office 365 subscription via Go Daddy. We have been working with them for about 10 weeks and had no issues until Friday. The problem we are facing now is that we can send then a new e-mail with fresh content but we can't forward or reply messages to them. The message we get back is:
__________________________
Requested rejected your message to the following e-mail addresses:
Toby surname (ti@domain.london)
Requested gave this error:
Delivery not authorized, message refused
A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.
Paul Surname (pb@domain.london)
Requested gave this error:
Delivery not authorized, message refused
A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.
Diagnostic information for administrators:
Generating server: MERCURY.domain.local
ti@fulcrum.london
Requested #571 Delivery not authorized, message refused ##
pb@domain.london
Requested #571 Delivery not authorized, message refused ##
Original message headers:
Received: from MERCURY.domain.local ([::1]) by MERCURY.domain.local ([::1]) with
mapi id 14.03.0301.000; Mon, 4 Jul 2016 15:15:30 +0100
From: Chris surname <chris@domain.co.uk>
To: Toby surname <ti@domain.london>, Damian surname
<damian@3rdparty.co.uk>
Subject: RE: Go Daddy Login
Thread-Topic: Go Daddy Login
Thread-Index: AdHV/NkDlrxReQw4TBm44KwhRy
Date: Mon, 4 Jul 2016 14:15:29 +0000
Message-ID: <8B94D972F0D5FD4EB4CE6CE9A
References: <HE1PR0101MB22666494C4311E
In-Reply-To: <HE1PR0101MB22666494C4311E
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.111.27]
x-esetresult: clean, is OK
x-esetid: 1128DF3F49694833436D86
x-disclaimit-status: OrgId:08ae8c058aaf4ed4b8da
AppliedRule:cb376e9d82824e
x-disclaimit-agent: Server:MERCURY; Version:4.70.473
Content-Type: multipart/related;
boundary="_004_8B94D972F0D
type="multipart/alternativ
MIME-Version: 1.0
The failure comes back very fast which leads me to believe that its our server reporting a fault however I have looked on other posts and the majority point to our IP or domain being blacklisted with the company we are sending this. This does quite make sense if a new and clean e-mail get through?
if anyone can shed any light on this it would be much appreciated. I am not keen on making any changes on our servers as there have been no other e-mail issues today.
Many Thanks
Just to add to this, either your IP is blacklisted, which you'll need to rectify, or if that is clean, then I'd say that there is some filtering software of some kind on the remote side and that's the cause of the bounce backs. Particularly so if this is just one domain that is being affected.
Shaun
Shaun
ASKER
Hi Shaun
Thanks for your comments - ok so I have checked my own IP first and that is clean and then I did a blacklist check which came back with 3 of the 170 different searches were blacklisted so I have removed the blacklist and still getting issues.
The odd thing is that I can send a new e-mail which sends fine however if I forward or reply then I get the bounce back.
I was thinking this was a problem with the remote site however the bounce backs are very quick and the server that issued the reply was ours.
We have filtering software on the exchange server (ESET) and they have confirmed they don't use the 5.7.1 error - they only issue 550 and 560.
Thanks for your comments - ok so I have checked my own IP first and that is clean and then I did a blacklist check which came back with 3 of the 170 different searches were blacklisted so I have removed the blacklist and still getting issues.
The odd thing is that I can send a new e-mail which sends fine however if I forward or reply then I get the bounce back.
I was thinking this was a problem with the remote site however the bounce backs are very quick and the server that issued the reply was ours.
We have filtering software on the exchange server (ESET) and they have confirmed they don't use the 5.7.1 error - they only issue 550 and 560.
Hi
It can take some time to get removed from the blacklists, do they all show clean now?
You should also ensure that your mail server has all the correct DNS records.
See my post here on how to configure DNS correctly for outbound mail -https://exchangeshell.wordpress.com/2009/08/11/setting-up-a-rdns-ptr-record-for-your-mail-server/
It could be that the receiving end are rejecting based on misconfigured DNS settings.
Also, if you have been on blacklists that will almost certainly be the cause of your woes.
Regarding the quick failure time - SMTP can reject before it accepts a mail message, and your server will be the one generating the failure notice based on the failed SMTP transaction from the receiving end. Run the manual telnet test from your outbound SMTP server to see.
Shaun
It can take some time to get removed from the blacklists, do they all show clean now?
You should also ensure that your mail server has all the correct DNS records.
See my post here on how to configure DNS correctly for outbound mail -https://exchangeshell.wordpress.com/2009/08/11/setting-up-a-rdns-ptr-record-for-your-mail-server/
It could be that the receiving end are rejecting based on misconfigured DNS settings.
Also, if you have been on blacklists that will almost certainly be the cause of your woes.
Regarding the quick failure time - SMTP can reject before it accepts a mail message, and your server will be the one generating the failure notice based on the failed SMTP transaction from the receiving end. Run the manual telnet test from your outbound SMTP server to see.
Shaun
ASKER
Hi Shaun and thanks for that
ok so to be clear it was the people we were sending to who were blacklisted but I checked this morning and they are clean.
I have tried to test using the telnet tests but the fail when saying mail from: me@mydomain.co.uk. I have also tried from my home server.
The service we are sending to is a hosted office 365 environment so I am not sure if they block this but can't see that they would?
ok so to be clear it was the people we were sending to who were blacklisted but I checked this morning and they are clean.
I have tried to test using the telnet tests but the fail when saying mail from: me@mydomain.co.uk. I have also tried from my home server.
The service we are sending to is a hosted office 365 environment so I am not sure if they block this but can't see that they would?
ASKER
I have found some further information on MX TOOLBOX (attached) which indicates some BT Servers which are blacklisted. It also highlights a missing/invalid DMARC record - If I am honest I have not dealt with DMARC before.
We don't have a direct contact for BT but I have sent over this information to BT in the hope they will reply or speak to me on the blacklisting issue and any of the others which they have control over.
MXToolbox.JPG
We don't have a direct contact for BT but I have sent over this information to BT in the hope they will reply or speak to me on the blacklisting issue and any of the others which they have control over.
MXToolbox.JPG
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
A fair point on the blacklisting - thank you
We route using DNS so no smarthost is used. My concern was whether their blacklisted IP may have some bearing on this.
I know that our IP is clean -we do get daily e-mails confirming this from MX Toolbox.
We route using DNS so no smarthost is used. My concern was whether their blacklisted IP may have some bearing on this.
I know that our IP is clean -we do get daily e-mails confirming this from MX Toolbox.
ASKER
HI all
Just an update - we have managed to locate the problem being the firewall blocking the address - I had unblocked this at the start but there was another location where this needed to be unblocked that I was not aware of.
Shauncroucher - thanks for your comments, some of them helped in terms of my thought process, particularly with the blacklisting.
Just an update - we have managed to locate the problem being the firewall blocking the address - I had unblocked this at the start but there was another location where this needed to be unblocked that I was not aware of.
Shauncroucher - thanks for your comments, some of them helped in terms of my thought process, particularly with the blacklisting.
ASKER
Many thanks for all the posts on here - we resolved the problem with the input from others so much appreciated.
http://mxtoolbox.com/blacklists.aspx
Also, try running a manual telnet test from your sending server and post results of failures and at what stage you get a failure
https://exchangeshell.wordpress.com/2009/10/26/basic-smtp-telnet-test-exchange-2007-send-connector-send-port-25/
Shaun