Solved

Bounce Back Message From Specific Domain

Posted on 2016-11-22
13
40 Views
Last Modified: 2016-11-28
We have a business in town that sends different users emails. They're occasionally getting bounce back messages with the following errors: '550 4.4.7 QUEUE.Expired; message expired' and '421 4.4.0 Remote server response was not RFC conformant'. I spoke with our spam filter provider and they don't show the emails hitting the spam filter and said that their domain is doing a PTR look up before sending the mail to recipient end. Since the the mx record of our domain points to the spam filter server and does not match up to their A records it is sending the mail out to the MX record.

Not all of their emails are being returned, just occasionally. I'm hoping to get some more information so I can pass it on to them if it is their problem. I know they said they were getting returned emails from other businesses that they send to so it could be on their end.
0
Comment
Question by:itgolfer
  • 6
  • 4
  • 3
13 Comments
 
LVL 35

Expert Comment

by:Kimputer
ID: 41897645
These problems are best solved at the source server. In this case, I think you don't have full control over it?
Usually you need the FULL SMTP logs to figure out what exactly the destination server doesn't like.
Sending servers do not check PTR records, as delivering the mail is the most important job of a sending server. Receiving servers do PTR records check, as they don't want the receive spam.
Your concern that your MX records points to a cloud spam filter is not warranted, unless YOU are the sending server.
0
 

Author Comment

by:itgolfer
ID: 41897674
Correct, I don't really have control over the sending server. I was just hoping if something was in the those errors that I could help them diagnose the problem.
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 41897694
Sometimes an error code is enough indeed, but only when the problem is as clear as day (ex "Attachment too large, 15MB")
In this case, while there is text explaining what's wrong, it's not specific enough (it says a response was not compliant, but not EXACTLY which response).
At the source server, you could capture the entire traffic, and the line JUST before it gives the error, should be the offending one.
0
 
LVL 2

Accepted Solution

by:
Pune Tech earned 500 total points
ID: 41897707
I have gone through following technet article and found this issue is purely related to reverse lookup and this should by problem with your side and not other side.

https://social.technet.microsoft.com/Forums/en-US/aca4759d-5baf-4e7c-a6b5-ab5528a8e8c6/421-440-remote-server-response-was-not-rfc-conformant?forum=exchangesvrsecuremessaginglegacy

OK so can you tell me what hello or EHLOp your server is presenting like

EHLO mail.xxxxxxxxxxx.co.uk\r\n

we get a 250 response

Response: 250-proofpoint-xxxxxxx.co.uk Hello no-reverse.redstone-isp.net [212.44.xx.xxx] (may be forged), pleased to meet you\r\n

And what reverse DNS records is available with your DNS provider.
0
 
LVL 2

Expert Comment

by:Pune Tech
ID: 41897763
Right now what is happening is your exchange server is saying my name is itgolpher.contoso.com and IP is x.x.x.x

When other end server try to resolve x.x.x.x they are getting different name like Pune.contoso.com but server says I am itgolpher and dns says I am Pune so it is creating mismatch.

Where is your DNS records is hosted ?
0
 

Author Comment

by:itgolfer
ID: 41897804
I do have the forwarded bounce back message if that helps. It contains the headers but I'm not sure if that's enough info.
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 2

Expert Comment

by:Pune Tech
ID: 41898447
Please post.
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 41898971
All these questions are quite useless if you're not in full control of that Exchange server. Bounce back messages are usually not enough information.
0
 
LVL 2

Expert Comment

by:Pune Tech
ID: 41899332
@ kimcomuter : please see following article what Can You Find in an Email Header?

http://www.howtogeek.com/108205/htg-explains-what-can-you-find-in-an-email-header/
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 41899348
@PuneTech: I know all about headers. What you seem to forget is that the REAL FAILING email, is sent from an Exchange server OUTSIDE the asker's control. The REAL FAILING email WILL HAVE NO HEADERS as the email fails and doesn't actually exist. The EMAIL HEADER is from the bounce, and will be generated on that exact same server, and this is the bounce message that the asker has (which is useless except for the SMTP error!)
You need the FULL CONVERSATION from the original Exchange Server with the next hop to find out WHICH RFC rule is being broken. because you need to follow up on this error: 421 4.4.0 Remote server response was not RFC conformant'
Obviously, it may very well be a reverse DNS entry causing it, but again, the DNS will be just as likely out of asker's control.
0
 
LVL 2

Expert Comment

by:Pune Tech
ID: 41899432
Please don't mind , I do apologize.

But if you read itgolpher last comment it says . "it contains the headers"

So I said please post.

Bye good night going for sleep
0
 

Author Comment

by:itgolfer
ID: 41904187
My apologies, I was waiting to hear back from our spam filter provider. They made a change and things seem to be coming in without issue now. Thanks for all of your help.
0
 
LVL 2

Expert Comment

by:Pune Tech
ID: 41904219
Nice to here from you and thanks for the update, have a good day.
0

Featured Post

Promote certifications in your email signature

Has your company recently won an award or achieved a certification? They'll no doubt want to show it off. Email signature images used to promote certifications & awards can instantly establish credibility with a recipient and provide you with numerous benefits.

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now