none
Failed to connect. Error Code: 10061

    Question

  • I am running an Exchange Server 2007 and recently we had some changes. We had both a fixed T1 and business class DSL for our ISP's. We didn't have any problems having mail route through the T1 but after we disconnected the T1 (pending a new T1 service provider) and forced the traffic through the business DSL, mail has been getting queued on the Exchange server. The error from Exchange queue is:

    451 4.4.0 Primary target IP address responded with : "421 4.2.1 Unable to connect." Attempted failover to alternate host, but that did....

     

    I turned on debugging on the Transport Send Connector and here are a few examples of the errors.

    2010-06-15T17:03:20.109Z,SMTP,08CCDAC39DBB859D,1,,74.125.157.27:25,*,,"Failed to connect. Error Code: 10061, Error Message: No connection could be made because the target machine actively refused it 74.125.157.27:25"

    2010-06-15T17:03:20.109Z,SMTP,08CCDAC39DBB859D,0,,209.85.211.33:25,*,,attempting to connect

    2010-06-15T17:03:20.406Z,SMTP,08CCDAC39DBB859C,1,,207.115.20.22:25,*,,"Failed to connect. Error Code: 10061, Error Message: No connection could be made because the target machine actively refused it 207.115.20.22:25"

    2010-06-15T17:03:20.406Z,SMTP,08CCDAC39DBB859C,0,,207.115.36.20:25,*,,attempting to connect

    2010-06-15T17:03:20.406Z,SMTP,08CCDAC39DBB8599,1,,66.94.236.34:25,*,,"Failed to connect. Error Code: 10061, Error Message: No connection could be made because the target machine actively refused it 66.94.236.34:25"

    2010-06-15T17:03:20.406Z,SMTP,08CCDAC39DBB8599,0,,74.6.136.65:25,*,,attempting to connect

    2010-06-15T17:03:20.515Z,SMTP,08CCDAC39DBB859A,1,,209.204.159.4:25,*,,"Failed to connect. Error Code: 10061, Error Message: No connection could be made because the target machine actively refused it 209.204.159.4:25"

    2010-06-15T17:03:20.515Z,SMTP,08CCDAC39DBB859A,0,,64.142.100.90:25,*,,attempting to connect

    Our IP address is 69.227.245.18 and is not on any blacklists. Because it is a DSL we cannot change the PTR to reflect the proper name. I have also created a SenderID entry in DNS that appears to be valid but still mail is getting queued. Here's the entry.

    v=spf1 mx ptr ptr:adsl-69-227-245-18.dsl.pltn13.pacbell.net mx:mail.elementcxi.com mx:mailgate.elementcxi.com ip4:69.227.245.18 ip4:209.237.52.18 ip4:192.168.111.13 -all

    When using the MX diagnostic tools it shows up correctly. The only warning is about the PTR. Here's the error.

    Warning - Reverse DNS does not match SMTP Banner

    So my burning questions are:

    1) What is causing the mail servers to reject our mail and this IP?

    2) What can I do so that the mail servers begin to "trust" our IP address? I need this to work as a backup mail server.

    3) How do recommend to get past this issue?

    Thanks in advance and let me know if you need more information.

    Roy

     

    Tuesday, June 15, 2010 5:54 PM

Answers

  • Hi,

    Are all remote mail servers refusing the connection?

    Are you sure port 25 is allowed unfiltered outbound on the DSL connection?  It may be that it's filtered and you have to use the ISPs SMTP relay as a smarthost.

    What happens if you "telnet remotemailserverIP 25" from a command prompt?  Does it connect OK?

    I did a whois on your IP of 69.227.245.18 and it shows that it's an AT&T connection.  According to forums I found, they filter port 25 by default.  It does appear though, you can contact them to remove that block.

    Let me know how you get on.

    Darren.

    • Proposed as answer by Alan.Gim Tuesday, June 22, 2010 2:01 AM
    • Marked as answer by Alan.Gim Wednesday, June 23, 2010 2:26 AM
    Tuesday, June 15, 2010 8:59 PM

All replies

  • Hi,

    Are all remote mail servers refusing the connection?

    Are you sure port 25 is allowed unfiltered outbound on the DSL connection?  It may be that it's filtered and you have to use the ISPs SMTP relay as a smarthost.

    What happens if you "telnet remotemailserverIP 25" from a command prompt?  Does it connect OK?

    I did a whois on your IP of 69.227.245.18 and it shows that it's an AT&T connection.  According to forums I found, they filter port 25 by default.  It does appear though, you can contact them to remove that block.

    Let me know how you get on.

    Darren.

    • Proposed as answer by Alan.Gim Tuesday, June 22, 2010 2:01 AM
    • Marked as answer by Alan.Gim Wednesday, June 23, 2010 2:26 AM
    Tuesday, June 15, 2010 8:59 PM
  • Does the target server perform reverse lookup?

    If a CISCO PIX firewall is involved in the mail flow, please use this article to troubleshoot. The malfunction of PIX would cause the same symptom


    James Luo
    TechNet Subscriber Support (http://technet.microsoft.com/en-us/subscriptions/ms788697.aspx)
    If you have any feedback on our support, please contact tngfb@microsoft.com
    Friday, June 18, 2010 3:29 AM
  • Does Darren's suggestion work?
    James Luo
    TechNet Subscriber Support (http://technet.microsoft.com/en-us/subscriptions/ms788697.aspx)
    If you have any feedback on our support, please contact tngfb@microsoft.com
    Tuesday, June 22, 2010 2:01 AM