Joe McDougall
asked on
Exchange 2013 and Watchguard - unable to receive email from certain recipients.
I have an Exchange 2013 server behind a WatchGuard M200 Firewall. Both have appropriate SSL certificates installed, and the WatchGuard is configured as an SMTP proxy.
Everything works brilliantly, except, email from two domains is not received. Everyone else works absolutely fine. I am unclear why.
On the Exchange end, the logs for working emails end like this:
However, for two domains, the conversation ends like this:
It looks as though the sender has been given permission to go ahead with sending their message, and then not done so. However, the message is attempted a few dozen times, about ten minutes apart, before the sender gives up.
On the WatchGuard end, there is one difference between how senders show in logs.
For the working senders, I see lines for both 'ProxyMatch, ProxyAllow:’ and then ‘ProxySMTPReq’, however, for broken senders, I see just ProxyMatch, which is not followed up with ProxySMTPReq.
One of the broken senders is coming from Office 365, however, so are dozens of other senders, so I don't think the issue is there.
Any advice?
Everything works brilliantly, except, email from two domains is not received. Everyone else works absolutely fine. I am unclear why.
On the Exchange end, the logs for working emails end like this:
250 2.1.5 Recipient OK
DATA
354 Start mail input; end with <CRLF>.<CRLF>
,Proxy destination(s) obtained from OnProxyInboundMessage event
"250 2.6.0 <CALsXffyfLq_=XyviTgL9AFYCZ0T2UBBFq8rH5ppQoBzSKUSO3Q@mail.gmail.com> [InternalId=85388244811933, Hostname=EXCHANGESERVER.DOMAIN.LOCAL] Queued mail for delivery"
QUIT
221 2.0.0 Service closing transmission channel
,LocalHowever, for two domains, the conversation ends like this:
250 2.1.5 Recipient OK
DATA
354 Start mail input; end with <CRLF>.<CRLF>
,LocalIt looks as though the sender has been given permission to go ahead with sending their message, and then not done so. However, the message is attempted a few dozen times, about ten minutes apart, before the sender gives up.
On the WatchGuard end, there is one difference between how senders show in logs.
For the working senders, I see lines for both 'ProxyMatch, ProxyAllow:’ and then ‘ProxySMTPReq’, however, for broken senders, I see just ProxyMatch, which is not followed up with ProxySMTPReq.
One of the broken senders is coming from Office 365, however, so are dozens of other senders, so I don't think the issue is there.
Any advice?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
I have recommended this question be closed as follows:
Accept: Joe McDougall (https:#a42218713)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
seth2740
Experts-Exchange Cleanup Volunteer
I have recommended this question be closed as follows:
Accept: Joe McDougall (https:#a42218713)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
seth2740
Experts-Exchange Cleanup Volunteer
More importantly, take a look at this post and see if it applies to your issue:
https://social.technet.microsoft.com/Forums/exchange/en-US/be568eab-45c1-4648-88df-99f4939dd845/mailflow-broken-error-451-470?forum=exchangesvrsecuremessaging