Emails to a specific domain get returned.
It seems we are the only company that can't send emails to this specific client.
The emails we get back seem to indicate it is on their end. But after investigating further I am not so certain. (Exchange 2007 SP3.)
Rejection email below: Then below that a copy of SMTPDiag. It passed the same person! But failed via email. We are using MS Forefront's cloud service. It seem the emails are going a different path. I ran SMTPDiag on our Exchange server.
------------------------------------------------------------------------------------------------
From:
postmaster@travismedical.com
[mailto:postmaster@travismedical.com]
Sent: Monday, May 07, 2012 10:57 AM
To: Steven Bauer
Subject: Undeliverable: Estimate 70711 from Stealth Products, Inc.
Delivery has failed to these recipients or distribution lists:
wayne.cruz@travismedical.com
The recipient's e-mail address was not found in the recipient's e-mail system. Microsoft Exchange will not try to redeliver this message for you. Please check the e-mail address and try resending this message, or provide the following diagnostic text to your
system administrator.
Diagnostic information for administrators:
Generating server: mail.travismedical.com
wayne.cruz@travismedical.com
#< #5.1.1> #SMTP#
Original message headers:
Received: from mail198-ch1-R.bigfish.com ([216.32.181.171]) by
mail.travismedical.com over TLS secured channel with Microsoft
SMTPSVC(6.0.3790.4675);
Mon, 7 May 2012 10:56:37 -0500
Received: from mail198-ch1 (localhost [127.0.0.1])
by
mail198-ch1-R.bigfish.com (Postfix) with ESMTP id 3858930054F
for
<wayne.cruz@travismedical.com>; Mon,
7 May 2012 15:56:24 +0000 (UTC)
X-SpamScore: 0
X-BigFish: VvPps0(zzc85fh1454Izz1202hz31izz2dh793h2a8h668h839hd25hd2bh34h)
X-Forefront-Antispam-Report: CIP:63.97.171.28;KIP:(null);UIP:(null);IPV:NLI;H:STEALTHMSX.StealthProducts.local;RD:stealthmsx.stealthproducts.com;EFVD:NLI
Received: from mail198-ch1 (localhost.localdomain [127.0.0.1]) by mail198-ch1
(MessageSwitch) id 1336406181156374_24006; Mon,
7 May 2012 15:56:21 +0000
(UTC)
Received: from CH1EHSMHS001.bigfish.com (snatpool1.int.messaging.microsoft.com
[10.43.68.253]) by mail198-ch1.bigfish.com (Postfix) with ESMTP id
1F01B60249; Mon,
7 May 2012 15:56:21 +0000 (UTC)
Received: from STEALTHMSX.StealthProducts.local (63.97.171.28) by
CH1EHSMHS001.bigfish.com (10.43.70.1) with Microsoft SMTP Server (TLS) id
14.1.225.23; Mon, 7 May 2012 15:56:16 +0000
Received: from STEALTHMSX.StealthProducts.local ([192.168.0.101]) by
stealthmsx ([192.168.0.101]) with mapi; Mon, 7 May 2012 10:56:28 -0500
From: Steven Bauer <Steven@stealthproducts.com>
To: "'wayne.cruz@travismedical.com'" <wayne.cruz@travismedical.com>
CC: "'pcssales@swbell.net'" <pcssales@swbell.net>
Date: Mon, 7 May 2012 10:56:27 -0500
Subject: Estimate 70711 from Stealth Products, Inc.
Thread-Topic: Estimate 70711 from Stealth Products, Inc.
Thread-Index: Ac0safWAZppQ95z3QlCP/A+yGGL+5g==
Message-ID: <97921B5DFDF63C42948810A34B93A21C37195AF977@stealthmsx>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/mixed;
boundary="_002_97921B5DFDF63C42948810A34B93A21C37195AF977stealthmsx_"
MIME-Version: 1.0dLd/?
X-OriginatorOrg: stealthproducts.com
Return-Path: Steven@stealthproducts.com
X-OriginalArrivalTime: 07 May 2012 15:56:39.0349 (UTC) FILETIME=[FD1F5650:01CD2C69]
------------------------------------------
D:\SMTPDiag>smtpdiag steve@stealthproducts.com
wayne.cruz@travismedical.com /v
Searching for Exchange external DNS settings.
Computer name is STEALTHMSX.
VSI 1 has the following external DNS servers:
There are no external DNS servers configured.
Checking SOA for travismedical.com.
Checking external DNS servers.
Checking internal DNS servers.
Checking TCP/UDP SOA serial number using DNS server [192.168.0.102].
TCP test succeeded.
UDP test succeeded.
Serial number: 1334077735
Checking TCP/UDP SOA serial number using DNS server [192.168.0.100].
Failed: DNS server [192.168.0.100] may be down.
DNS server [192.168.0.100] did not return a valid SOA record.
SOA serial number match: Failed with one or more failures.
Checking local domain records.
Starting TCP and UDP DNS queries for the local domain. This test will try to
validate that DNS is set up correctly for inbound mail. This test can fail for
3 reasons.
1) Local domain is not set up in DNS. Inbound mail cannot be routed to
local mailboxes.
2) Firewall blocks TCP/UDP DNS queries. This will not affect inbound mail,
but will affect outbound mail.
3) Internal DNS is unaware of external DNS settings. This is a valid
configuration for certain topologies.
Checking MX records using TCP: stealthproducts.com.
MX: mail.global.frontbridge.com (10)
A: mail.global.frontbridge.com [216.32.180.22]
A: mail.global.frontbridge.com [213.199.180.150]
Checking MX records using UDP: stealthproducts.com.
MX: mail.global.frontbridge.com (10)
A: mail.global.frontbridge.com [213.199.180.150]
A: mail.global.frontbridge.com [216.32.180.22]
Both TCP and UDP queries succeeded. Local DNS test passed.
Checking remote domain records.
Starting TCP and UDP DNS queries for the remote domain. This test will try to
validate that DNS is set up correctly for outbound mail. This test can fail for
3 reasons.
1) Firewall blocks TCP/UDP queries which will block outbound mail. Windows
2000/NT Server requires TCP DNS queries. Windows Server 2003 will use UDP
queries first, then fall back to TCP queries.
2) Internal DNS does not know how to query external domains. You must
either use an external DNS server or configure DNS server to query external
domains.
3) Remote domain does not exist. Failure is expected.
Checking MX records using TCP: travismedical.com.
MX: mx1.emailsrvr.com (10)
MX: mx2.emailsrvr.com (20)
A: mx2.emailsrvr.com [173.203.2.32]
A: mx1.emailsrvr.com [98.129.184.3]
Checking MX records using UDP: travismedical.com.
MX: mx1.emailsrvr.com (10)
MX: mx2.emailsrvr.com (20)
Both TCP and UDP queries succeeded. Remote DNS test passed.
Checking MX servers listed for wayne.cruz@travismedical.com.
Connecting to mx1.emailsrvr.com [98.129.184.3] on port 25.
Received:
220 mx1.emailsrvr.com ESMTP - VA Code Section 18.2-152.3:1 forbids sending spam
through this system
Sent:
ehlo stealthproducts.com
Received:
250-smtp61.gate.dfw1a.rsapps.net says EHLO to 63.97.171.28:57359
250-STARTTLS
250-8BITMIME
250-SIZE 75000000
250-ENHANCEDSTATUSCODES
250 PIPELINING
Sent:
mail from: <steve@stealthproducts.com>
Received:
250 2.1.0 Ok
Sent:
rcpt to: <wayne.cruz@travismedical.com>
Received:
250 2.1.5 Ok
Sent:
quit
Received:
221 smtp61.gate.dfw1a.rsapps.net closing connection
Successfully connected to mx1.emailsrvr.com.
Connecting to mx2.emailsrvr.com [173.203.2.32] on port 25.
Received:
220 mx2.emailsrvr.com ESMTP - VA Code Section 18.2-152.3:1 forbids sending spam
through this system
Sent:
ehlo stealthproducts.com
Received:
250-smtp29.gate.ord1a.rsapps.net says EHLO to 63.97.171.28:57360
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-STARTTLS
250 SIZE 75000000
Sent:
mail from: <steve@stealthproducts.com>
Received:
250 2.1.0 Ok
Sent:
rcpt to: <wayne.cruz@travismedical.com>
Received:
250 2.1.5 Ok
Sent:
quit
Received:
221 smtp29.gate.ord1a.rsapps.net closing connection
Successfully connected to mx2.emailsrvr.com.
D:\SMTPDiag>
May 10th, 2012 3:50pm
I would open a ticket with Microsoft. They may have stale records or at one time handled the mail for this domain.
Free Windows Admin Tool Kit Click here and download it now
May 10th, 2012 4:15pm
Thanks, I have opened a case. But I am not sure it is FOPE.
I did a Message Trace on FOPE and the "To IP Address" is the mail server it should be.
67.78.68.42
May 10th, 2012 5:35pm
It looks like the problem is with the recipient. The email has gone through the FOPE system correctly and has been delivered to their server then rejected.
The last line is this:
Received: from mail198-ch1-R.bigfish.com ([216.32.181.171]) by
mail.travismedical.com over TLS secured channel with Microsoft
SMTPSVC(6.0.3790.4675);
Mon, 7 May 2012 10:56:37 -0500
That is a successful delivery to the recipient's server.
Simon.Simon Butler, Exchange MVP
Blog |
Exchange Resources | In the UK?
Hire Me.
Free Windows Admin Tool Kit Click here and download it now
May 10th, 2012 6:11pm
Thanks, I have opened a case. But I am not sure it is FOPE.
I did a Message Trace on FOPE and the "To IP Address" is the mail server it should be.
67.78.68.42
They will be able to tell you this for sure. I have seen this issue before.
May 11th, 2012 8:41am
It looks like the problem is with the recipient. The email has gone through the FOPE system correctly and has been delivered to their server then rejected.
The last line is this:
Received: from mail198-ch1-R.bigfish.com ([216.32.181.171]) by
mail.travismedical.com over TLS secured channel with Microsoft
SMTPSVC(6.0.3790.4675);
Mon, 7 May 2012 10:56:37 -0500
That is a successful delivery to the recipient's server.
Simon.
Simon Butler, Exchange MVP
Blog |
Exchange Resources | In the UK?
Hire Me.
I agree there. They arent doing any recipient filtering, so they accept and then return. But I have seen instances similar to this when FOPE is sending to the wrong mail server unfortuantely :(
Free Windows Admin Tool Kit Click here and download it now
May 11th, 2012 8:50am
Hi,
How is the issue now?
Any update?Xiu Zhang
TechNet Community Support
May 15th, 2012 3:03am
Apologize for taking so long to get back.
FOPE assured me it wasn't them. I told the IT people at the domain. They in turn talked to Rackspace who said it wasn't them. And pointed them back to me.
I did more research and found out they recently did a hosting change. Moving to Rackspace and moving their email. However, they did not change an A record that was pointing to mail.travismedical.com. This machine is not at Rackspace - and the one sending
kicking back the emails.
I called them yesterday and asked them to remove it. They said they needed because they still had people access web services this point to.
In looking at this issue apparently Exchange if it can't find an MX record for the specific domain, checks an A record next, correct? Their new MX records are:
----------------------------------------
C:\Users\administrator.STEALTHPRODUCTS>nslookup -q=mx travismedical.com
Server: stealthdc.stealthproducts.local
Address: 192.168.0.102
Non-authoritative answer:
travismedical.com MX preference = 20, mail exchanger = mx2.emailsrvr.com
travismedical.com MX preference = 10, mail exchanger = mx1.emailsrvr.com
mx2.emailsrvr.com internet address = 173.203.2.32
mx1.emailsrvr.com internet address = 98.129.184.3
----------------------------
But notice the domain name is different. "emailsrvr.com" (I have flushed the caches too BTW.) See more below.
So ... the question is, how do I make Exchange check the above MX records???
And stop querying the A record? Travismedical says we are the only one with this problem but admitted other "strange events" to this migration.
----------------------------
<<>> DiG 9.6-ESV-R4 <<>> -t ANY mail.travismedical.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35008
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;mail.travismedical.com. IN ANY
;; ANSWER SECTION:
mail.travismedical.com. 3600 IN A 67.78.68.42 <----------machine my Exchange talks to.
;; AUTHORITY SECTION:
travismedical.com. 3600 IN NS dns1.stabletransit.com.
travismedical.com. 3600 IN NS dns2.stabletransit.com.
;; Query time: 102 msec
;; SERVER: 69.56.222.10#53(69.56.222.10)
;; WHEN: Mon May 14 11:39:28 2012
;; MSG SIZE rcvd: 108
Free Windows Admin Tool Kit Click here and download it now
May 15th, 2012 9:33am
Smarthost for that domain to the good FQDN.
May 15th, 2012 9:36am
All my email goes to FOPE via a Smarthost. mail.global.frontbridge.com.
I need to make an exception for just this domain?
In the Network Tab "Route mail through the following smart hosts..." is checked.
Free Windows Admin Tool Kit Click here and download it now
May 15th, 2012 9:50am