locked
Gmail/MxToolbox and Exchange 2003 RRS feed

  • Question

  • We had an exchange 2003 in SBS working fine for some time now.

    Since a few days ago, without any changes in configuration of server or ISP service, we are not able to receive emails from Gmail and a few other domains/servers, although we receive from other domains.

    DNS is working fine, the ports are open (25), the Gmail servers connect (mail-xxx-xxxx.google.com connection appear in smtp default virtual server under connections), but the messages fail to deliver.
    Trying to send from my Gmail address to my domain address I'm getting delivery delayed messages (still no NDR).

    I can telnet port 25, and send test mails through telnet cmd from gmail address.

    MxToolbox smtp diag returns "An error has occurred with your lookup. Please try again."
    In the past I could run Mxtoolbox tools without relevant errors.

    Already gone through default smtp virtual server and can't figure out what's happening.
    In smtp logging got this:

    #Software: Microsoft Internet Information Services 6.0
    #Version: 1.0
    #Date: 2013-08-23 14:06:25
    #Fields: time c-ip cs-method cs-uri-stem sc-status
    14:10:45 209.85.212.169 EHLO - 250
    14:10:45 209.85.212.169 MAIL - 250
    14:10:45 209.85.212.169 RCPT - 250
    14:10:59 74.125.82.196 EHLO - 250
    14:10:59 74.125.82.196 MAIL - 250
    14:10:59 74.125.82.196 RCPT - 250
    14:11:09 74.125.82.46 EHLO - 250
    14:11:09 74.125.82.46 MAIL - 250
    14:11:09 74.125.82.46 RCPT - 250
    14:11:24 93.159.212.95 EHLO - 250
    14:11:24 93.159.212.95 MAIL - 250
    14:11:24 93.159.212.95 RCPT - 250
    14:13:37 74.125.82.179 EHLO - 250
    14:13:37 74.125.82.179 MAIL - 250
    14:13:37 74.125.82.179 RCPT - 250
    14:14:19 209.85.212.171 EHLO - 250
    14:14:19 209.85.212.171 MAIL - 250
    14:14:19 209.85.212.171 RCPT - 250
    14:16:51 209.85.214.176 TIMEOUT - 121
    14:16:51 209.85.214.176 QUIT - 240
    14:21:25 93.159.212.95 QUIT - 240
    14:24:02 175.101.15.19 EHLO - 250
    14:24:02 175.101.15.19 MAIL - 250
    14:24:02 175.101.15.19 RCPT - 250
    14:24:04 175.101.15.19 DATA - 250
    14:24:04 175.101.15.19 QUIT - 240
    14:24:48 178.33.238.23 EHLO - 250
    14:24:48 178.33.238.23 MAIL - 250
    14:24:48 178.33.238.23 RCPT - 250
    14:24:48 178.33.238.23 DATA - 250
    14:24:48 178.33.238.23 QUIT - 240
    14:26:24 93.159.212.95 EHLO - 250
    14:26:24 93.159.212.95 MAIL - 250
    14:26:24 93.159.212.95 RCPT - 250
    14:30:51 209.85.212.169 TIMEOUT - 121
    14:30:51 209.85.212.169 QUIT - 240
    14:31:21 74.125.82.196 TIMEOUT - 121
    14:31:21 74.125.82.46 TIMEOUT - 121
    14:31:21 74.125.82.196 QUIT - 240
    14:31:21 74.125.82.46 QUIT - 240
    14:34:22 74.125.82.179 TIMEOUT - 121
    14:34:22 209.85.212.171 TIMEOUT - 121
    14:34:22 74.125.82.179 QUIT - 240
    14:34:22 209.85.212.171 QUIT - 240
    14:36:25 93.159.212.95 QUIT - 240
    14:40:11 74.125.82.182 EHLO - 250
    14:40:11 74.125.82.182 MAIL - 250
    14:40:11 74.125.82.182 RCPT - 250
    14:41:26 93.159.212.95 EHLO - 250
    14:41:26 93.159.212.95 MAIL - 250
    14:41:26 93.159.212.95 RCPT - 250
    14:44:44 209.85.214.172 EHLO - 250
    14:44:44 209.85.214.172 MAIL - 250
    14:44:44 209.85.214.172 RCPT - 250
    14:51:26 93.159.212.95 QUIT - 240
    14:52:15 93.159.213.222 EHLO - 250
    14:52:15 93.159.213.222 MAIL - 250
    14:52:15 93.159.213.222 RCPT - 250
    14:56:27 93.159.212.95 EHLO - 250
    14:56:27 93.159.212.95 MAIL - 250
    14:56:27 93.159.212.95 RCPT - 250
    14:58:36 64.20.227.133 EHLO - 250
    14:58:36 64.20.227.133 MAIL - 250
    14:58:42 64.20.227.133 RCPT - 550
    14:58:42 64.20.227.133 QUIT - 240
    14:58:49 74.125.82.170 EHLO - 250
    14:58:49 74.125.82.170 MAIL - 250
    14:58:49 74.125.82.170 RCPT - 250

    Our domain is companhiasintrense.pt

    Nuno
    Friday, August 23, 2013 3:38 PM

Answers

  • I'd expect to see either a DATA or BDAT command from the transmitting server after they receive the 250 reply to the RCPT TO command -- but I don't see any in your log.

    I seen the sender is using ESMTP. Perhaps there's some sort of problem with the PIPELINING, CHUNKING, or 8bitmime? You can turn those off and see if the problem goes away.


    --- Rich Matheisen MCSE&I, Exchange MVP

    Tuesday, August 27, 2013 1:08 AM

All replies

  • Looks like you are using a dynamic IP vendor for your MX record yes?

    I would make sure it set correctly to update on the server so it matches whatever the dynamic IP vendor has set for you.

    Otherwise, I would open a ticket with gmail. They may not like delivering to a dynamic IP DNS.


    Twitter!: Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

    Friday, August 23, 2013 6:54 PM
  • We've been using DDNS for a year now, without noticeable problems (had fixed IP but 40$ a month...)

    Don't believe the problem lies here, since we receive mails from other domains, RDP works fine, OWA, OMA...

    On MxToolbox I can verify that mx records point to our IP (although dynamic).

    Also on MxToolbox the smtp tools hangs with no specific error, indicating a problem with our server

    I believe the problem lies in the RCPT to the DATA/BDATA that doesn't occur (smtp). This may be in a low level dialogue that I'm not familiar with.

    Could be a packet size problem, but we're on 100/20mb Fiber.

    Friday, August 23, 2013 9:50 PM
  • Also on ISA Firewall logs I notice some smtp packets being dropped, but not from google servers

    (packets dropped because no prior opened connections)

    No external mail accessory services.

    Friday, August 23, 2013 9:57 PM
  • Bump

    Really need some help on this one TY

    Sunday, August 25, 2013 11:01 PM
  • I'd expect to see either a DATA or BDAT command from the transmitting server after they receive the 250 reply to the RCPT TO command -- but I don't see any in your log.

    I seen the sender is using ESMTP. Perhaps there's some sort of problem with the PIPELINING, CHUNKING, or 8bitmime? You can turn those off and see if the problem goes away.


    --- Rich Matheisen MCSE&I, Exchange MVP

    Tuesday, August 27, 2013 1:08 AM
  • I disabled the mentioned verbs and for now I can receive emails from Gmail. Hope it won't mess with other email servers (think there's an issue between exchange servers).

    Sorry for the late reply, but only now got to study ADSI, msExchSmtpInboundCommandSupportOptions and all the math involved. It was a first time for me (the ADSI parameter, not the math).

    Still can't test SMTP dialogue with MxToolbox, but noticed that the connection is being dropped after attempt to relay from MxToolbx, with a "An error has occurred with your lookup. Please try again.". This didn't happen in the past.

    Monday, September 2, 2013 5:12 PM
  • The absence of those SMTP commands shouldn't interfere with Exchange server-to-server communication. If it does, it's easy enough to create a new SMTP Virtual Server that uses a different IP address on your LAN and have your firewall/router send connections to it.

    Nobody can help you with your other problem without knowing the domain name. You can post it here and obfuscate it in a way that understandable by humans. E.g., d o m a i n <replace-with-dot> n a m e <replace-with-period> t l d <DOT> nospam.com


    --- Rich Matheisen MCSE&I, Exchange MVP

    Monday, September 2, 2013 9:22 PM
  • Our domain is on the end of the first post: companhiasintrense.pt

    At first glance there's no need to obfuscate since the domain name is the most public info we have on the net.

    Monday, September 2, 2013 9:36 PM