Solved

Bounce Back Message From Specific Domain

Posted on 2016-11-22
13
127 Views
Last Modified: 2016-11-28
We have a business in town that sends different users emails. They're occasionally getting bounce back messages with the following errors: '550 4.4.7 QUEUE.Expired; message expired' and '421 4.4.0 Remote server response was not RFC conformant'. I spoke with our spam filter provider and they don't show the emails hitting the spam filter and said that their domain is doing a PTR look up before sending the mail to recipient end. Since the the mx record of our domain points to the spam filter server and does not match up to their A records it is sending the mail out to the MX record.

Not all of their emails are being returned, just occasionally. I'm hoping to get some more information so I can pass it on to them if it is their problem. I know they said they were getting returned emails from other businesses that they send to so it could be on their end.
0
Comment
Question by:itgolfer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
  • 3
13 Comments
 
LVL 35

Expert Comment

by:Kimputer
ID: 41897645
These problems are best solved at the source server. In this case, I think you don't have full control over it?
Usually you need the FULL SMTP logs to figure out what exactly the destination server doesn't like.
Sending servers do not check PTR records, as delivering the mail is the most important job of a sending server. Receiving servers do PTR records check, as they don't want the receive spam.
Your concern that your MX records points to a cloud spam filter is not warranted, unless YOU are the sending server.
0
 

Author Comment

by:itgolfer
ID: 41897674
Correct, I don't really have control over the sending server. I was just hoping if something was in the those errors that I could help them diagnose the problem.
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 41897694
Sometimes an error code is enough indeed, but only when the problem is as clear as day (ex "Attachment too large, 15MB")
In this case, while there is text explaining what's wrong, it's not specific enough (it says a response was not compliant, but not EXACTLY which response).
At the source server, you could capture the entire traffic, and the line JUST before it gives the error, should be the offending one.
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

 
LVL 3

Accepted Solution

by:
Pune Tech earned 500 total points
ID: 41897707
I have gone through following technet article and found this issue is purely related to reverse lookup and this should by problem with your side and not other side.

https://social.technet.microsoft.com/Forums/en-US/aca4759d-5baf-4e7c-a6b5-ab5528a8e8c6/421-440-remote-server-response-was-not-rfc-conformant?forum=exchangesvrsecuremessaginglegacy

OK so can you tell me what hello or EHLOp your server is presenting like

EHLO mail.xxxxxxxxxxx.co.uk\r\n

we get a 250 response

Response: 250-proofpoint-xxxxxxx.co.uk Hello no-reverse.redstone-isp.net [212.44.xx.xxx] (may be forged), pleased to meet you\r\n

And what reverse DNS records is available with your DNS provider.
0
 
LVL 3

Expert Comment

by:Pune Tech
ID: 41897763
Right now what is happening is your exchange server is saying my name is itgolpher.contoso.com and IP is x.x.x.x

When other end server try to resolve x.x.x.x they are getting different name like Pune.contoso.com but server says I am itgolpher and dns says I am Pune so it is creating mismatch.

Where is your DNS records is hosted ?
0
 

Author Comment

by:itgolfer
ID: 41897804
I do have the forwarded bounce back message if that helps. It contains the headers but I'm not sure if that's enough info.
0
 
LVL 3

Expert Comment

by:Pune Tech
ID: 41898447
Please post.
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 41898971
All these questions are quite useless if you're not in full control of that Exchange server. Bounce back messages are usually not enough information.
0
 
LVL 3

Expert Comment

by:Pune Tech
ID: 41899332
@ kimcomuter : please see following article what Can You Find in an Email Header?

http://www.howtogeek.com/108205/htg-explains-what-can-you-find-in-an-email-header/
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 41899348
@PuneTech: I know all about headers. What you seem to forget is that the REAL FAILING email, is sent from an Exchange server OUTSIDE the asker's control. The REAL FAILING email WILL HAVE NO HEADERS as the email fails and doesn't actually exist. The EMAIL HEADER is from the bounce, and will be generated on that exact same server, and this is the bounce message that the asker has (which is useless except for the SMTP error!)
You need the FULL CONVERSATION from the original Exchange Server with the next hop to find out WHICH RFC rule is being broken. because you need to follow up on this error: 421 4.4.0 Remote server response was not RFC conformant'
Obviously, it may very well be a reverse DNS entry causing it, but again, the DNS will be just as likely out of asker's control.
0
 
LVL 3

Expert Comment

by:Pune Tech
ID: 41899432
Please don't mind , I do apologize.

But if you read itgolpher last comment it says . "it contains the headers"

So I said please post.

Bye good night going for sleep
0
 

Author Comment

by:itgolfer
ID: 41904187
My apologies, I was waiting to hear back from our spam filter provider. They made a change and things seem to be coming in without issue now. Thanks for all of your help.
0
 
LVL 3

Expert Comment

by:Pune Tech
ID: 41904219
Nice to here from you and thanks for the update, have a good day.
0

Featured Post

How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question