Exchange 2013 400 4.4.7 Message delayed

Hello:

We just recovered yesterday from an Exchange database failure. Database was restored and most mail seems to be flowing in and out except for mail sent to a few domains. We have a 2-node DAG (EXCH01 and EXCH02) with the database currently active on EXCH01. All mail flows thru a Barracuda Spam 300 firewall and up until the recovery yesterday all the email flowed fine in both directions. Barracuda has not been touched. Delivery to a few domains is showing as delayed in the queue and is bouncing back with the message:

Diagnostic information for administrators:

Generating server: EXCH01.neweraopt.com
Receiving server: edge.receivingdomain.com (xxx.xx.xx.xxx)


users@receivingdomain.com
Remote Server at edge.receivingdomain.com (xxx.xx.xx.xxx) returned '400 4.4.7 Message delayed'
11/13/2017 8:29:42 PM - Remote Server at edge.receivingdomain.com (xxx.xx.xx.xxx) returned '451-4.4.0 Primary target IP address responded with: "554-edge2.receivingdomain.com  451 4.4.0 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted was xxx.xx.xxx.xxx:25'

I have checked out MX records and they seem fine. I have also checked several blacklist sites and our domain is not listed.

If any additional info is needed please let me know. Thank you.
ctsuhakoAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Hemil AquinoNetwork EngineerCommented:
You are having DNS issue.

login to your ECP then go to server>Servername> DNS lookup and make sure you have your internal and external DNS bind.
0
Hemil AquinoNetwork EngineerCommented:
In case you have that in place, then you need to delete your queue logs and restart the transport services.
0
ctsuhakoAuthor Commented:
Hi, Hemil:

External DNS Lookups show: "All network adapters (All available IPv4) with the Address Field empty.

Internal DNS Lookups is identical.

Thank you.

Clay
0
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

Hemil AquinoNetwork EngineerCommented:
Clay, on the do not select all the adapters. Change it and user their respective IP, for example:

Internal DNS 192.168.1.2
External DNS 8.8.8.8

I think you get the picture.
0
ctsuhakoAuthor Commented:
Hi, Hemil:

Do I use Custom Settings?

I have these options:
All network adapters (All available IPv4)
HP Ethernet 1GB 2-port 361i Adapter #2
HP Ethernet 1GB 2-port 361i Adapter
Microsoft Failover Cluster Virtual Adapter
Custom Settings

For External DNS would I use out ISP settings?

Thank you again!

Clay
0
Hemil AquinoNetwork EngineerCommented:
You need to configure the interface and add the DNS IP
And yes for the external you can use the ISP, or google DNS
0
Mal OsborneAlpha GeekCommented:
"Reputation" sounds like a Cisco IronPort or some other device that keeps a database might be in use. Not quite the same as a blacklist, but similar. Check below:

https://talosintelligence.com/
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ctsuhakoAuthor Commented:
Hi, Mal:

For some reason it appears that Barracuda has put us on their list (they are the only ones). Ironic, since we use Barracuda Spam Firewall, Link Balancer and Archivers. I have applied to removed. Would being on only one list cause this? The Talos search on our IP shows an email reputation of Good. Thanks.

Clay
0
Mal OsborneAlpha GeekCommented:
Being on Barracuda's database will cause problems with anyone else using the same database. Barracuda is a reasonably large player, so it will impact a few recipient domains.
0
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Refer to my comments in https://www.experts-exchange.com/questions/29036679/AWS-EC2-mail-server.html for some of the steps required for having high email deliverability.

Keep in mind each IP + each domain has an associated reputation, which is determined by age + quality of messages sent over age period.

I use to manage all my own IPs + now I use MailGun, as it's far cheaper to have them do all this work, than me.
0
ctsuhakoAuthor Commented:
Thanks, everyone. After further research it has been fixed. It had to do with our outbound email being sent thru our secondary ISP link instead of our primary ISP link from our Barracuda Link Balancer. I had done some testing and forgot to revert back to route outgoing thru the pirmary. Even though I had made a note to myself to change it back. I need an assistant!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.