Exchange mistakenly attempted mail delivery to an incorrect MTA route
Hello,
I'm setting up an Exchange Server for a client, they are running Windows Small Business Server 2003.
At the moment, most of the out going and incoming e-mails have no problem, but there are a few domain, namely sbcglobal.net that's rejecting e-mail from our server and generate a NDR.
The content of the NDR received is:
********@sbcglobal.net on 7/14/2010 3:57 AM
The message cannot be delivered due to a configuration error on the server. Please contact your Administrator.
<exchange.acmeacc.com #5.3.0 smtp;553 5.3.0 flpd238 - o6EB0hOj009703, DNSBL:ATTRBL 521< 208.57.62.178 >_is_blocked.__For_information_see_http://att.net/blocks>
In Event Viewer, this message is logged:
A non-delivery report with a status code of 5.3.0 was generated for recipient rfc822:*********@sbcglobal.net (Message-ID <A6D7105C02FBA74DA804A8EC1DD1089FAC60@aaserver.acmeacc.local>)
Causes: Exchange mistakenly attempted mail delivery to an incorrect MTA route.
For more information, click http://www.microsoft.com/contentredirect.asp.
Solution: Check your route and topology; use the winroute tool to ensure the routes are properly replicated between servers and routing groups.
From the look of the NDR, it looks like the message is being blocked by sbcglobal.com, so I have followed the link it gave me and got our IP address unblocked, however, it is still generating the same error. Also the error message logged in Event Viewer
sounds like its an internal configuration problem. I've looked everywhere but just couldn't see what's wrong. mxtoolbox.com also says our Exchange server is okay, reverse DNS lookup is setup correctly.
Any assistance is appreciated, thanks!!
July 14th, 2010 2:14pm
To me this is still black listing. I can see the DNSBL and ATTRBL. there is no setting on any exchange server in which u need to set up some thing special for mail delivery to any specific domain. The only exceptions are the SMTP and send connectors.Raj
Free Windows Admin Tool Kit Click here and download it now
July 14th, 2010 2:44pm
On Wed, 14 Jul 2010 11:14:53 +0000, Steven Masterson wrote:
>
>
>Hello,
>
>I'm setting up an Exchange Server for a client, they are running Windows Small Business Server 2003.
>
>At the moment, most of the out going and incoming e-mails have no problem, but there are a few domain, namely sbcglobal.net that's rejecting e-mail from our server and generate a NDR.
>
>
>
>The content of the NDR received is:
>
> ********@sbcglobal.net on 7/14/2010 3:57 AM The message cannot be delivered due to a configuration error on the server. Please contact your Administrator. <exchange.acmeacc.com #5.3.0 smtp;553 5.3.0 flpd238 - o6EB0hOj009703, DNSBL:ATTRBL 521< 208.57.62.178
>_is_blocked.__For_information_see_http://att.net/blocks>
>
>
>
>In Event Viewer, this message is logged:
>
>A non-delivery report with a status code of 5.3.0 was generated for recipient rfc822:*********@sbcglobal.net (Message-ID <A6D7105C02FBA74DA804A8EC1DD1089FAC60@aaserver.acmeacc.local>)
>
>Causes: Exchange mistakenly attempted mail delivery to an incorrect MTA route.
>
>For more information, click http://www.microsoft.com/contentredirect.asp.
>
>Solution: Check your route and topology; use the winroute tool to ensure the routes are properly replicated between servers and routing groups.
>
>
>
>From the look of the NDR, it looks like the message is being blocked by sbcglobal.com, so I have followed the link it gave me and got our IP address unblocked, however, it is still generating the same error. Also the error message logged in Event Viewer
sounds like its an internal configuration problem.
That's because the extended status code 5.3.0 is not the correct one
to return for this situation. RFC1893
(http://www.apps.ietf.org/rfc/rfc1893.html) puts x.3.x in section 3.4
Mail System Status:
X.3.0 Other or undefined mail system status
The destination system exists and normally accepts mail, but something
about the system has caused the generation of this DSN.
A more meaningful status code would be x.7.1 (section 3.8 Security or
Policy Status):
X.7.1 Delivery not authorized, message refused
The sender is not authorized to send to the destination. This can be
the result of per-host or per-recipient filtering. This memo does not
discuss the merits of any such filtering, but provides a mechanism to
report such. This is useful only as a permanent error.
>I've looked everywhere but just couldn't see what's wrong. mxtoolbox.com also says our Exchange server is okay, reverse DNS lookup is setup correctly.
>
>Any assistance is appreciated, thanks!!
If the text in the status is to be believed, your message was blocked.
But it doesn't say why, does it? Only the folks that manage that
domain can tell you the real reason why.
Oh, BTW, you should really turn on recipient filtering. Your server
accepts mail sent to any address in your domain. You'll soon be on
lots of DNSBL as a backscatter source.
---
Rich Matheisen
MCSE+I, Exchange MVP
--- Rich Matheisen MCSE+I, Exchange MVP
July 15th, 2010 4:42am
Thanks for the reply, Rich.
That was extremely informative, just like you said, the message was just being blocked, but the error returned was not correctly describing the event. I got our IP address delisted from most Black List, and after about a few days its working correctly now.
Now as far as recipient filtering, do you mean the check box under Message Delivery -> Recipient Filtering -> Filter recipients who are not in the Directory ?
Because there was a strange behavior I see with the mail server, it keeps sending NDR to lots of different servers, mostly in .ru or .br domain. I've configured Intelligent Message Filter to just Delete when blocking message (no NDR) also sender ID filtering
is the same, delete without NDR. Could this be caused by not having recipient filtering turned on?
Again, thanks for the prompt reply, I really appreciate your help!!
Free Windows Admin Tool Kit Click here and download it now
July 20th, 2010 10:38pm
On Tue, 20 Jul 2010 19:38:26 +0000, Steven Masterson wrote:
[ snip ]
>Now as far as recipient filtering, do you mean the check box under Message Delivery -> Recipient Filtering -> Filter recipients who are not in the Directory ?
Yes. But if you're running Exchage 2003 you have to enable that on the
SMTP Virtual Server, too.
>Because there was a strange behavior I see with the mail server, it keeps sending NDR to lots of different servers, mostly in .ru or .br domain. I've configured Intelligent Message Filter to just Delete when blocking message (no NDR) also sender ID filtering
is the same, delete without NDR. Could this be caused by not having recipient filtering turned on?
You only send a NDR for e-mail you've accepted responsibility to
deliver. If there's no possibility that you'll be able to (or want to)
deliver the e-mail then don't accept it. Not having a matching SMTP
address in your directory falls into the "not able to deliver"
category.
The IMF, on the other hand, should only be given messages that you CAN
deliver. It's not a good idea to send NDRs to spammers no matter what.
If your policy is to just handle spam by just quarantining it or
turfing it, then that's acceptable.
---
Rich Matheisen
MCSE+I, Exchange MVP
--- Rich Matheisen MCSE+I, Exchange MVP
July 21st, 2010 2:45am