SBS Windows Server 2003 Exchange Standard 2003 SP2 (Version 6.5 (Build 7638.2: Service Pack 2) Single Domain (only one domain.com hosted by exchange) Single Server on Domain Antivirus Symantec EndPoint (DISABLED at this POINT) having problems sending emails to especific domains. Here is the Event Log from Event Viewer: Event Type: Error Event Source: MSExchangeTransport Event Category: SMTP Protocol Event ID: 7004 Date: 8/7/2010 Time: 7:49:13 PM User: N/A Computer: LAB-SERVER Description: This is an SMTP protocol error log for virtual server ID 1, connection #330. The remote host "You", responded to the SMTP command "helo" with "550 You cannot say you are me. I am me. ". The full command sent was "HELO mydomain.com ". This will probably cause the connection to fail. For more information, click http://www.microsoft.com/contentredirect.asp. Event Type: Warning Event Source: MSExchangeTransport Event Category: Connection Manager Event ID: 4007 Date: 8/7/2010 Time: 8:10:07 PM User: N/A Computer: LAB-SERVER Description: Message delivery to the host '216.129.90.46' failed while delivering to the remote domain 'electricmail.com' for the following reason: An SMTP protocol error occurred. The SMTP verb which caused the error is 'HELO'. The response from the remote server is '550 You cannot say you are me. I am me. '. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: d7 02 04 c0 ×..À Also when receive NDR this is what I get his via EMAIL: From: postmaster@mydomain.com Date: August 6, 2010 3:38:56 PM EDT To: Jesus@mydomain.com Subject: Delivery Status Notification (Failure) This is an automatically generated Delivery Status Notification. Unable to deliver message to the following recipients, due to being unable to connect successfully to the destination mail server. dbelis@externaldomain.com Reporting-MTA: dns;mydomain.com Final-Recipient: rfc822;dbelis@externaldomain.com Action: failed Status: 4.4.7 I have looked everywhere for this message and I haven't found anything that can point me in the right direction Plase Help Me

Hi These mails in the queue, can you verify that they are valid domains and not spam domains Do you use any other 3rd part products than Symantec Antivirus?Jonas Andersson MCTS: Microsoft Exchange Server 2007/2010 | MCITP: EMA 2007/2010 | MCSE/MCSA Blog: http://www.testlabs.se/blog

Hello Jonas, Yes they are indeed valid domains. there are only two emails one to electricmail.com and the other one to seitlin.com, both of these domains live in the electricmail.com network, electricmail.com it is a mail scrubing antispam service. In regard of having a third party product, no we do not have anyother product. We are using a SONICWALL TZ200w Appliance and I have tried with and without this appliance. Rommel

So you are using electricmail's services? ( Do you send outbound and receive inbound mail through them?)

Negative, emails get in and out from our exchange server to or from recipient. NO EMAIL SCRUBING SERVICES IN FRONT OF OUR EXCHANGE.

Ok, because it sounds as if their mail servers at one time did handle your domain and something isnt configured correctly on their end or yours. Have you enabled SMTP protocol logging so you can capture the entire conversation between your servers and theirs?

Ok, I think you have struck a cord, we are in the process to move out email services to electricmail.com, now, they (ElectricMail) have provisioned our domain to live on their network but we have not changed our MX records to point to them just yet, In regard of the SMTP Protocol Logging, I turned it on but I did not see anything there, how can I turn it on that It give me more details? Have you seen this problem before? Rommel

Here is the SMTP Protocol Logging: #Software: Microsoft Internet Information Services 6.0 #Version: 1.0 #Date: 2010-08-08 22:02:40 #Fields: date time c-ip cs-username s-sitename s-computername s-ip s-port cs-method cs-uri-stem cs-uri-query sc-status sc-win32-status sc-bytes cs-bytes time-taken cs-version cs-host cs(User-Agent) cs(Cookie) cs(Referer) 2010-08-08 22:02:40 216.129.90.46 OutboundConnectionResponse SMTPSVC1 LAB-SERVER - 25 - - 220+russet.electric.net+ESMTP 0 0 29 0 5265 SMTP - - - - 2010-08-08 22:02:40 216.129.90.46 OutboundConnectionCommand SMTPSVC1 LAB-SERVER - 25 EHLO - labrador-cpa.com 0 0 4 0 5375 SMTP - - - - 2010-08-08 22:02:41 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 EHLO - +lab-server.jlabradorpa.local 250 0 305 33 0 SMTP - - - - 2010-08-08 22:02:41 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 QUIT - lab-server.jlabradorpa.local 240 391 65 4 0 SMTP - - - - 2010-08-08 22:02:44 72.35.23.4 OutboundConnectionResponse SMTPSVC1 LAB-SERVER - 25 - - 220+mitchell.electric.net+ESMTP 0 0 31 0 5078 SMTP - - - - 2010-08-08 22:02:44 72.35.23.4 OutboundConnectionCommand SMTPSVC1 LAB-SERVER - 25 EHLO - labrador-cpa.com 0 0 4 0 5078 SMTP - - - - 2010-08-08 22:02:45 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 EHLO - +lab-server.jlabradorpa.local 250 0 305 33 0 SMTP - - - - 2010-08-08 22:02:45 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 QUIT - lab-server.jlabradorpa.local 240 250 65 4 0 SMTP - - - - 2010-08-08 22:02:45 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 EHLO - +lab-server.jlabradorpa.local 250 0 305 33 0 SMTP - - - - 2010-08-08 22:02:45 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 QUIT - lab-server.jlabradorpa.local 240 235 65 4 0 SMTP - - - - 2010-08-08 22:02:47 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 EHLO - +lab-server.jlabradorpa.local 250 0 305 33 0 SMTP - - - - 2010-08-08 22:02:47 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 QUIT - lab-server.jlabradorpa.local 240 266 65 4 0 SMTP - - - - 2010-08-08 22:02:47 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 EHLO - +lab-server.jlabradorpa.local 250 0 305 33 0 SMTP - - - - 2010-08-08 22:02:48 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 QUIT - lab-server.jlabradorpa.local 240 531 65 4 0 SMTP - - - - 2010-08-08 22:02:49 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 EHLO - +lab-server.jlabradorpa.local 250 0 305 33 0 SMTP - - - - 2010-08-08 22:02:49 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 QUIT - lab-server.jlabradorpa.local 240 266 65 4 0 SMTP - - - - 2010-08-08 22:02:49 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 EHLO - +lab-server.jlabradorpa.local 250 0 305 33 0 SMTP - - - - 2010-08-08 22:02:49 216.129.90.46 OutboundConnectionResponse SMTPSVC1 LAB-SERVER - 25 - - 550+You+cannot+say+you+are+me.+I+am+me. 0 0 39 0 15484 SMTP - - - - 2010-08-08 22:02:49 216.129.90.46 OutboundConnectionCommand SMTPSVC1 LAB-SERVER - 25 HELO - labrador-cpa.com 0 0 4 0 15484 SMTP - - - - 2010-08-08 22:02:49 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 QUIT - lab-server.jlabradorpa.local 240 453 65 4 0 SMTP - - - - 2010-08-08 22:02:51 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 EHLO - +lab-server.jlabradorpa.local 250 0 305 33 0 SMTP - - - - 2010-08-08 22:02:51 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 QUIT - lab-server.jlabradorpa.local 240 297 65 4 0 SMTP - - - - 2010-08-08 22:02:51 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 EHLO - +lab-server.jlabradorpa.local 250 0 305 33 0 SMTP - - - - 2010-08-08 22:02:51 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 QUIT - lab-server.jlabradorpa.local 240 344 65 4 0 SMTP - - - - 2010-08-08 22:02:54 72.35.23.4 OutboundConnectionResponse SMTPSVC1 LAB-SERVER - 25 - - 550+You+cannot+say+you+are+me.+I+am+me. 0 0 39 0 15140 SMTP - - - - 2010-08-08 22:02:54 72.35.23.4 OutboundConnectionCommand SMTPSVC1 LAB-SERVER - 25 HELO - labrador-cpa.com 0 0 4 0 15140 SMTP - - - - 2010-08-08 22:02:56 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 EHLO - +lab-server.jlabradorpa.local 250 0 305 33 0 SMTP - - - - 2010-08-08 22:02:56 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 QUIT - lab-server.jlabradorpa.local 240 469 65 4 0 SMTP - - - - 2010-08-08 22:02:56 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 MAIL - +FROM:+<bertha.ijnf@chartithere.info> 250 0 53 41 0 SMTP - - - - 2010-08-08 22:02:56 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 RCPT - +TO:+<user@labrador-cpa.com> 250 0 35 33 0 SMTP - - - - 2010-08-08 22:02:58 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 DATA - +<20100808180139.lkznmphgqzz@mx1.chartithere.info> 250 0 133 293694 31 SMTP - - - - 2010-08-08 22:03:00 216.129.90.46 OutboundConnectionResponse SMTPSVC1 LAB-SERVER - 25 - - 550+You+cannot+say+you+are+me.+I+am+me. 0 0 39 0 25593 SMTP - - - - 2010-08-08 22:03:00 216.129.90.46 OutboundConnectionCommand SMTPSVC1 LAB-SERVER - 25 QUIT - - 0 0 4 0 25593 SMTP - - - - 2010-08-08 22:03:00 216.129.90.46 OutboundConnectionResponse SMTPSVC1 LAB-SERVER - 25 - - 221+russet.electric.net+closing+connection 0 0 42 0 25703 SMTP - - - - 2010-08-08 22:03:01 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 EHLO - +lab-server.jlabradorpa.local 250 0 305 33 0 SMTP - - - - 2010-08-08 22:03:01 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 QUIT - lab-server.jlabradorpa.local 240 359 65 4 0 SMTP - - - - 2010-08-08 22:03:04 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 QUIT - lab-server.jlabradorpa.local 240 89656 65 4 0 SMTP - - - - 2010-08-08 22:03:04 72.35.23.4 OutboundConnectionResponse SMTPSVC1 LAB-SERVER - 25 - - 550+You+cannot+say+you+are+me.+I+am+me. 0 0 39 0 25203 SMTP - - - - 2010-08-08 22:03:04 72.35.23.4 OutboundConnectionCommand SMTPSVC1 LAB-SERVER - 25 QUIT - - 0 0 4 0 25203 SMTP - - - - 2010-08-08 22:03:04 72.35.23.4 OutboundConnectionResponse SMTPSVC1 LAB-SERVER - 25 - - 221+mitchell.electric.net+closing+connection 0 0 44 0 25375 SMTP - - - - 2010-08-08 22:03:13 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 EHLO - +lab-server.jlabradorpa.local 250 0 305 33 0 SMTP - - - - 2010-08-08 22:03:13 127.0.0.1 lab-server.jlabradorpa.local SMTPSVC1 LAB-SERVER 127.0.0.1 0 QUIT - lab-server.jlabradorpa.local 240 297 65 4 0 SMTP - - - -

Havent seen this myself. But I would contact their support. There is probably some setting that needs some tweaking :)

On Sun, 8 Aug 2010 22:36:01 +0000, AndyD_ wrote: >Havent seen this myself. But I would contact their support. There is probably some setting that needs some tweaking :) Change the way your SMTP outflow server identifies itself. 216.129.90.46 identifies itself as "russet.electric.net" (or "oban.electric.net" -- and probably others) when you connect to it. 72.35.23.4 identifies itself as "hale.electric.net" (and maybe others) when you connect to it. But when you send (to either of those IP addresses) your HELO\EHLO using "labrador-cpa.com" as the data portion you get back: 220 hale.electric.net ESMTP helo labrador-cpa.com 550 You cannot say you are me. I am me. So, those electric.net servers aren't going to let you connect using just the domain name. Change it to, say "lab-server.labrador-cpa.com" and your HELO\EHLO will be accepted. I can't say what will happen to the other SMTP commands after you get past this problem, though. And what's up with 127.0.0.1 connecting to itself all the time? --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

And what's up with 127.0.0.1 connecting to itself all the time? --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP And what's the deal with Grape Nuts? You open the box. No Nuts. No Grapes!

On Mon, 9 Aug 2010 00:05:55 +0000, AndyD_ wrote: >And what's up with 127.0.0.1 connecting to itself all the time? --- Rich Matheisen MCSE+I, Exchange MVP >--- Rich Matheisen MCSE+I, Exchange MVP > >And what's the deal with Grape Nuts? You open the box. No Nuts. No Grapes! You forgot the hyphen. Here -- go read this. :-) http://www.straightdope.com/columns/read/136/how-can-grape-nuts-cereal-contain-no-grapes-or-nuts or this: http://en.wikipedia.org/wiki/Grape-Nuts Or . . . Aaahhhhhh! Another OT post that take you down the rabbit hole! --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

Grape-Nuts. They will fix the issue.