none
Emails to a specific domain get returned. RRS feed

  • Question

  • It seems we are the only company that can't send emails to this specific client.

    The emails we get back seem to indicate it is on their end. But after investigating further I am not so certain. (Exchange 2007 SP3.)

    Rejection email below: Then below that a copy of SMTPDiag. It passed the same person! But failed via email. We are using MS Forefront's cloud service. It seem the emails are going a different path. I ran SMTPDiag on our Exchange server.

    ------------------------------------------------------------------------------------------------

    From: postmaster@travismedical.com [mailto:postmaster@travismedical.com]
    Sent: Monday, May 07, 2012 10:57 AM
    To: Steven Bauer
    Subject: Undeliverable: Estimate 70711 from Stealth Products, Inc.

    Delivery has failed to these recipients or distribution lists:

    wayne.cruz@travismedical.com
    The recipient's e-mail address was not found in the recipient's e-mail system. Microsoft Exchange will not try to redeliver this message for you. Please check the e-mail address and try resending this message, or provide the following diagnostic text to your system administrator.

    Diagnostic information for administrators:

    Generating server: mail.travismedical.com

    wayne.cruz@travismedical.com
    #< #5.1.1> #SMTP#

    Original message headers:

    Received: from mail198-ch1-R.bigfish.com ([216.32.181.171]) by
     mail.travismedical.com over TLS secured channel with Microsoft
     SMTPSVC(6.0.3790.4675);         Mon, 7 May 2012 10:56:37 -0500
    Received: from mail198-ch1 (localhost [127.0.0.1])           by
     mail198-ch1-R.bigfish.com (Postfix) with ESMTP id 3858930054F   for
     <wayne.cruz@travismedical.com>; Mon,  7 May 2012 15:56:24 +0000 (UTC)
    X-SpamScore: 0
    X-BigFish: VvPps0(zzc85fh1454Izz1202hz31izz2dh793h2a8h668h839hd25hd2bh34h)
    X-Forefront-Antispam-Report: CIP:63.97.171.28;KIP:(null);UIP:(null);IPV:NLI;H:STEALTHMSX.StealthProducts.local;RD:stealthmsx.stealthproducts.com;EFVD:NLI
    Received: from mail198-ch1 (localhost.localdomain [127.0.0.1]) by mail198-ch1
     (MessageSwitch) id 1336406181156374_24006; Mon,  7 May 2012 15:56:21 +0000
     (UTC)
    Received: from CH1EHSMHS001.bigfish.com (snatpool1.int.messaging.microsoft.com
     [10.43.68.253]) by mail198-ch1.bigfish.com (Postfix) with ESMTP id
     1F01B60249;    Mon,  7 May 2012 15:56:21 +0000 (UTC)
    Received: from STEALTHMSX.StealthProducts.local (63.97.171.28) by
     CH1EHSMHS001.bigfish.com (10.43.70.1) with Microsoft SMTP Server (TLS) id
     14.1.225.23; Mon, 7 May 2012 15:56:16 +0000
    Received: from STEALTHMSX.StealthProducts.local ([192.168.0.101]) by
     stealthmsx ([192.168.0.101]) with mapi; Mon, 7 May 2012 10:56:28 -0500
    From: Steven Bauer <Steven@stealthproducts.com>
    To: "'wayne.cruz@travismedical.com'" <wayne.cruz@travismedical.com>
    CC: "'pcssales@swbell.net'" <pcssales@swbell.net>
    Date: Mon, 7 May 2012 10:56:27 -0500
    Subject: Estimate 70711 from Stealth Products, Inc.
    Thread-Topic: Estimate 70711 from Stealth Products, Inc.
    Thread-Index: Ac0safWAZppQ95z3QlCP/A+yGGL+5g==
    Message-ID: <97921B5DFDF63C42948810A34B93A21C37195AF977@stealthmsx>
    Accept-Language: en-US
    Content-Language: en-US
    X-MS-Has-Attach: yes
    X-MS-TNEF-Correlator:
    acceptlanguage: en-US
    Content-Type: multipart/mixed;
                boundary="_002_97921B5DFDF63C42948810A34B93A21C37195AF977stealthmsx_"
    MIME-Version: 1.0dLd/?


    X-OriginatorOrg: stealthproducts.com
    Return-Path: Steven@stealthproducts.com
    X-OriginalArrivalTime: 07 May 2012 15:56:39.0349 (UTC) FILETIME=[FD1F5650:01CD2C69]
    ------------------------------------------

    D:\SMTPDiag>smtpdiag steve@stealthproducts.com wayne.cruz@travismedical.com /v

    Searching for Exchange external DNS settings.
    Computer name is STEALTHMSX.
    VSI 1 has the following external DNS servers:
    There are no external DNS servers configured.

    Checking SOA for travismedical.com.
    Checking external DNS servers.
    Checking internal DNS servers.

    Checking TCP/UDP SOA serial number using DNS server [192.168.0.102].
    TCP test succeeded.
    UDP test succeeded.
    Serial number: 1334077735

    Checking TCP/UDP SOA serial number using DNS server [192.168.0.100].
    Failed: DNS server [192.168.0.100] may be down.
    DNS server [192.168.0.100] did not return a valid SOA record.
    SOA serial number match: Failed with one or more failures.

    Checking local domain records.
    Starting TCP and UDP DNS queries for the local domain. This test will try to
    validate that DNS is set up correctly for inbound mail. This test can fail for
    3 reasons.
        1) Local domain is not set up in DNS. Inbound mail cannot be routed to
    local mailboxes.
        2) Firewall blocks TCP/UDP DNS queries. This will not affect inbound mail,
    but will affect outbound mail.
        3) Internal DNS is unaware of external DNS settings. This is a valid
    configuration for certain topologies.
    Checking MX records using TCP: stealthproducts.com.
      MX:    mail.global.frontbridge.com (10)
      A:     mail.global.frontbridge.com [216.32.180.22]
      A:     mail.global.frontbridge.com [213.199.180.150]
    Checking MX records using UDP: stealthproducts.com.
      MX:    mail.global.frontbridge.com (10)
      A:     mail.global.frontbridge.com [213.199.180.150]
      A:     mail.global.frontbridge.com [216.32.180.22]
    Both TCP and UDP queries succeeded. Local DNS test passed.

    Checking remote domain records.
    Starting TCP and UDP DNS queries for the remote domain. This test will try to
    validate that DNS is set up correctly for outbound mail. This test can fail for
    3 reasons.
        1) Firewall blocks TCP/UDP queries which will block outbound mail. Windows
    2000/NT Server requires TCP DNS queries. Windows Server 2003 will use UDP
    queries first, then fall back to TCP queries.
        2) Internal DNS does not know how to query external domains. You must
    either use an external DNS server or configure DNS server to query external
    domains.
        3) Remote domain does not exist. Failure is expected.
    Checking MX records using TCP: travismedical.com.
      MX:    mx1.emailsrvr.com (10)
      MX:    mx2.emailsrvr.com (20)
      A:     mx2.emailsrvr.com [173.203.2.32]
      A:     mx1.emailsrvr.com [98.129.184.3]
    Checking MX records using UDP: travismedical.com.
      MX:    mx1.emailsrvr.com (10)
      MX:    mx2.emailsrvr.com (20)
    Both TCP and UDP queries succeeded. Remote DNS test passed.

    Checking MX servers listed for wayne.cruz@travismedical.com.
    Connecting to mx1.emailsrvr.com [98.129.184.3] on port 25.
    Received:
    220 mx1.emailsrvr.com ESMTP - VA Code Section 18.2-152.3:1 forbids sending spam
    through this system


    Sent:
    ehlo stealthproducts.com

    Received:
    250-smtp61.gate.dfw1a.rsapps.net says EHLO to 63.97.171.28:57359
    250-STARTTLS
    250-8BITMIME
    250-SIZE 75000000
    250-ENHANCEDSTATUSCODES
    250 PIPELINING


    Sent:
    mail from: <steve@stealthproducts.com>

    Received:
    250 2.1.0 Ok

    Sent:
    rcpt to: <wayne.cruz@travismedical.com>

    Received:
    250 2.1.5 Ok

    Sent:
    quit

    Received:
    221 smtp61.gate.dfw1a.rsapps.net closing connection

    Successfully connected to mx1.emailsrvr.com.
    Connecting to mx2.emailsrvr.com [173.203.2.32] on port 25.
    Received:
    220 mx2.emailsrvr.com ESMTP - VA Code Section 18.2-152.3:1 forbids sending spam
    through this system


    Sent:
    ehlo stealthproducts.com

    Received:
    250-smtp29.gate.ord1a.rsapps.net says EHLO to 63.97.171.28:57360
    250-ENHANCEDSTATUSCODES
    250-PIPELINING
    250-8BITMIME
    250-STARTTLS
    250 SIZE 75000000


    Sent:
    mail from: <steve@stealthproducts.com>

    Received:
    250 2.1.0 Ok

    Sent:
    rcpt to: <wayne.cruz@travismedical.com>

    Received:
    250 2.1.5 Ok

    Sent:
    quit

    Received:
    221 smtp29.gate.ord1a.rsapps.net closing connection

    Successfully connected to mx2.emailsrvr.com.

    D:\SMTPDiag>

    Thursday, May 10, 2012 7:50 PM

Answers

  • All my email goes to FOPE via a Smarthost. mail.global.frontbridge.com.

    I need to make an exception for just this domain?

    In the Network Tab "Route mail through the following smart hosts..." is checked.

    In FOPE, you can can create a send connector for just that domain. See their documentation on how to do that.

    • Marked as answer by Xiu Zhang Wednesday, May 30, 2012 6:31 AM
    Tuesday, May 15, 2012 1:56 PM
    Moderator

All replies

  • I would open a ticket with Microsoft. They may have stale records or at one time handled the mail for this domain.
    Thursday, May 10, 2012 8:15 PM
    Moderator
  • Thanks, I have opened a case. But I am not sure it is FOPE.

    I did a Message Trace on FOPE and the "To IP Address" is the mail server it should be.

    67.78.68.42

    Thursday, May 10, 2012 9:35 PM
  • It looks like the problem is with the recipient. The email has gone through the FOPE system correctly and has been delivered to their server then rejected.

    The last line is this:

    Received: from mail198-ch1-R.bigfish.com ([216.32.181.171]) by
    mail.travismedical.com over TLS secured channel with Microsoft
    SMTPSVC(6.0.3790.4675);        Mon, 7 May 2012 10:56:37 -0500

    That is a successful delivery to the recipient's server.

    Simon.


    Simon Butler, Exchange MVP
    Blog | Exchange Resources | In the UK? Hire Me.

    Thursday, May 10, 2012 10:11 PM
  • Thanks, I have opened a case. But I am not sure it is FOPE.

    I did a Message Trace on FOPE and the "To IP Address" is the mail server it should be.

    67.78.68.42


    They will be able to tell you this for sure. I have seen this issue before.
    Friday, May 11, 2012 12:41 PM
    Moderator
  • It looks like the problem is with the recipient. The email has gone through the FOPE system correctly and has been delivered to their server then rejected.

    The last line is this:

    Received: from mail198-ch1-R.bigfish.com ([216.32.181.171]) by
    mail.travismedical.com over TLS secured channel with Microsoft
    SMTPSVC(6.0.3790.4675);        Mon, 7 May 2012 10:56:37 -0500

    That is a successful delivery to the recipient's server.

    Simon.


    Simon Butler, Exchange MVP
    Blog | Exchange Resources | In the UK? Hire Me.

    I agree there. They arent doing any recipient filtering, so they accept and then return.  But I have seen instances similar to this when FOPE is sending to the wrong mail server unfortuantely   :(

    Friday, May 11, 2012 12:50 PM
    Moderator
  • Hi,

    How is the issue now?

    Any update?


    Xiu Zhang

    TechNet Community Support

    Tuesday, May 15, 2012 7:03 AM
  • Apologize for taking so long to get back.

    FOPE assured me it wasn't them. I told the IT people at the domain. They in turn talked to Rackspace who said it wasn't them. And pointed them back to me.

    I did more research and found out they recently did a hosting change. Moving to Rackspace and moving their email. However, they did not change an A record that was pointing to mail.travismedical.com. This machine is not at Rackspace - and the one sending kicking back the emails.

    I called them yesterday and asked them to remove it. They said they needed because they still had people access web services this point to.

    In looking at this issue apparently Exchange if it can't find an MX record for the specific domain, checks an A record next, correct? Their new MX records are:

    ----------------------------------------

    C:\Users\administrator.STEALTHPRODUCTS>nslookup -q=mx travismedical.com
    Server:  stealthdc.stealthproducts.local
    Address:  192.168.0.102

    Non-authoritative answer:
    travismedical.com       MX preference = 20, mail exchanger = mx2.emailsrvr.com
    travismedical.com       MX preference = 10, mail exchanger = mx1.emailsrvr.com

    mx2.emailsrvr.com       internet address = 173.203.2.32
    mx1.emailsrvr.com       internet address = 98.129.184.3

    ----------------------------

    But notice the domain name is different. "emailsrvr.com"  (I have flushed the caches too BTW.) See more  below.

    So ... the question is, how do I make Exchange check the above MX records??? And stop querying the A record? Travismedical says we are the only one with this problem but admitted other "strange events" to this migration.

    ----------------------------

    <<>> DiG 9.6-ESV-R4 <<>> -t ANY mail.travismedical.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35008
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;mail.travismedical.com. IN ANY

    ;; ANSWER SECTION:
    mail.travismedical.com. 3600 IN A 67.78.68.42 
    <----------machine my Exchange talks to.

    ;; AUTHORITY SECTION:
    travismedical.com. 3600 IN NS dns1.stabletransit.com.
    travismedical.com. 3600 IN NS dns2.stabletransit.com.

    ;; Query time: 102 msec
    ;; SERVER: 69.56.222.10#53(69.56.222.10)
    ;; WHEN: Mon May 14 11:39:28 2012
    ;; MSG SIZE rcvd: 108

    Tuesday, May 15, 2012 1:33 PM
  • Smarthost for that domain to the good FQDN.

    Tuesday, May 15, 2012 1:36 PM
    Moderator
  • All my email goes to FOPE via a Smarthost. mail.global.frontbridge.com.

    I need to make an exception for just this domain?

    In the Network Tab "Route mail through the following smart hosts..." is checked.

    Tuesday, May 15, 2012 1:50 PM
  • All my email goes to FOPE via a Smarthost. mail.global.frontbridge.com.

    I need to make an exception for just this domain?

    In the Network Tab "Route mail through the following smart hosts..." is checked.

    In FOPE, you can can create a send connector for just that domain. See their documentation on how to do that.

    • Marked as answer by Xiu Zhang Wednesday, May 30, 2012 6:31 AM
    Tuesday, May 15, 2012 1:56 PM
    Moderator