I am seeing email destined for certain domains sitting in our Exchange 2010 queue with the following message:
"451 4.4.0 Primary target IP address responded with: ""421 4.4.2 Connection dropped due to ConnectionReset."" Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts."
I enabled SMTP logging and here's what I get when attempting to send to one of the domains in question:
2012-06-12T14:23:35.685Z,External,08CF08634A19FB43,0,,External IP:25,*,,attempting to connect
2012-06-12T14:23:35.763Z,External,08CF08634A19FB43,1,Internal IP:10158,External IP:25,+,,
2012-06-12T14:23:35.841Z,External,08CF08634A19FB43,2,Internal IP:10158,External IP:25,<,220 Postini ESMTP 149 y652_pstn_c2 ready. CA Business and Professions Code Section 17538.45 forbids use of this system for unsolicited electronic mail advertisements.,
2012-06-12T14:23:35.841Z,External,08CF08634A19FB43,3,Internal IP:10158,External IP:25,>,EHLO email.myserver.com,
2012-06-12T14:23:35.841Z,External,08CF08634A19FB43,4,Internal IP:10158,External IP:25,-,,Remote
One interesting thing to note, is that if I attempt to telnet to one of these domains from my Exchange server, it will initially connect by the moment I type e for ehlo, I immediately get a message "Connection to host lost". I also get the same result when attempting to telnet from my soon to be decomissioned Exchange 2007 transport servers. However, if I try to telnet to other domains such as gmail, comcast, etc. I am able to send a message without any problems. I am also able to telnet to the problematic domains from another linux server that we have on the network without any problems. Therefore, I believe this rules out any issues relating to a blacklist.
Does anyone have any ideas of what to look at?
- Edited by CastinluModerator Monday, June 18, 2012 1:41 AM
Another possible cause for this could be a mismatch in your PTR / MX record for the mailserver. Lets say you have:
A mail.mydomain.com 18.104.22.168
PTR 22.214.171.124 mail.mydomain.com
In this scenario you will run into problems if your outgoing connection from the mailserver uses another ip address, say 126.96.36.199. Make sure that the ehlo hostname, the outgoing NAT (if applicable) and the records for this server all match up.