Hello, I've been having a problem with one customer trying to send to us and he keeps getting rejected by our system supposedly. I asked a question here previously with no answer. The customer says we are the only company that he's having the problem with NDRs. As for us, this customer is the only customer having the problem. I've turned off our spam filtering since then. What is going on? Where can I find in our logs if we are sending him Non-Delivery Reports? Are we truly bouncing him (or is it someone in between). We are onExchange 2007with a Mailbox Server, Hub-Transport Server and Edge Server. Please help!!!!

Hi Eric, You need the actual NDR that your customer is receiving, the NDR will give you the error code which you can look up to see exactly why the E-mail is being rejected. I would have then send the NDR to an outside Mailbox like hotmail. You can also check the logs on the Edge server to try to get more information, get the sending IP address and search on that. Thanks Will

Here is the NDR they receive. Code Snippet -----Original Message-----From: Mail Delivery Subsystem [mailto:mailer-daemon@googlemail.com] Sent: Thursday, October 09, 2008 9:18 AMTo: steve@goodtelco.comSubject: Delivery Status Notification (Failure) This is an automatically generated Delivery Status Notification Delivery to the following recipient failed permanently: dbeagle@broadvox.net Technical details of permanent failure: Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 550 550 5.7.1 Requested action not taken: message refused (state 18). ----- Original message ----- Received: by 10.141.68.5 with SMTP id v5mr134059rvk.179.1223561902621; Thu, 09 Oct 2008 07:18:22 -0700 (PDT) Return-Path: <steve@goodtelco.com> Received: from hpnotebook (pool-71-96-238-117.dfw.dsl-w.verizon.net [71.96.238.117]) by mx.google.com with ESMTPS id 33sm12796366yxr.3.2008.10.09.07.18.18 (version=SSLv3 cipher=RC4-MD5); Thu, 09 Oct 2008 07:18:19 -0700 (PDT) From: "Steve Feuerbacher" <steve@goodtelco.com> To: "'Dwight Beagle'" <dbeagle@broadvox.net> References: <4ABA3E162F60624A949503A7F960245EB0853534DC@CLEHBEXMS01.broadvox.local> <001001c90f69$ab584000$0208c000$@com> <4ABA3E162F60624A949503A7F960245EB0853536A2@CLEHBEXMS01.broadvox.local> In-Reply-To: <4ABA3E162F60624A949503A7F960245EB0853536A2@CLEHBEXMS01.broadvox.local> Subject: RE: Date: Thu, 9 Oct 2008 09:18:13 -0500 Message-ID: <001701c92a19$de7e2dd0$9b7a8970$@com> MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_NextPart_000_0018_01C929EF.F5A825D0" X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AckPV3WoTxEEjHEbR4WEMdxEDZIAigAEgKXgAAKXofAGqXNxcA== Content-Language: en-us This is a multipart message in MIME format. ------=_NextPart_000_0018_01C929EF.F5A825D0 Content-Type: multipart/alternative; boundary="----=_NextPart_001_0019_01C929EF.F5A84CE0" ------=_NextPart_001_0019_01C929EF.F5A84CE0 Content-Type: text/plain; charset="us-ascii"

Issue description: Mail from a single external domain user always being rejected with error 550 5.7.1 Requested action not taken: message refused Collect info: 1. How are the other customers also from goodtelco.com? So affect user is the only one in that domain? 2. Does that user has sent the messages to your domain successfully ever before? 3. Which servers IP is 10.141.68.5? Troubleshooting: 1. Check if the message ever being received by edge a. Launch EMS b. Get-Messagetrackinglog -Sender "steve@goodtelco.com" -Start "10/07/2008 7:42:00PM" -End "10/11/2008 7:52:00 PM" c. If yes, check the output of that message 2. Check if NDR has been sent a. Launch EMS b. Get-Messagetrackinglog -Recipient "steve@goodtelco.com" -Start "10/07/2008 7:42:00PM" -End "10/11/2008 7:52:00 PM" 3. On the edge, check anti-spam a. IP block list b. Sender filtering 4. Check SMTP logging on the Receive connector of the edge a. Enable the logging if not yet b. Search logging for the message from steve Notes: default location is \Exchange Server\TransportRoles\Logs\ProtocolLog\SmtpReceive 5. It suggested that steve send another testing mail with only plain-text content again for the testing above References: Managing Message Tracking How to configure Message Tracking Logging SMTP Protocol Activity

1. How are the other customers also from goodtelco.com? So affect user is the only one in that domain? No one on that domain are able to send us messages. I believegoodtelco isusing Google Aps for their domain settings. I queried their DNS to find this out. 2. Does that user has sent the messages to your domain successfully ever before? Users from that domain were able to send us messages before at one time. The problem happened just recently. The only thing I changed in that time frame was adding "zen.spamhaus.org" in our IP Block List on the Edge Server. Thinking that this was the problem, I took SpamHaus back out. The problem still happened when I did this. And, it was at that time, I disabled all our spam/content filtering on the Edge Server. This didn't fix the problem either. 3. Which servers IP is 10.141.68.5? I believe it's his laptop. ----- Get-Messagetrackinglog -Sender "steve@goodtelco.com" -Start "10/07/2008 7:42:00PM" -End "10/11/2008 7:52:00 PM" I don't see any indication in our logs that he is even reaching us, which is why I was wondering if there is a way to check to see if we sent him an NDR or if it is we that are truly bouncing his e-mail back. I tried your suggestion there and nothing happened. When I typed in the command, it didn't complete. The command created a prompt for me type in more information (?). 3. On the edge, check anti-spam I turned those options off when the problem starting happening. It didn't help. ----- They're still having a problem sending us e-mail too.

This problem was fixed. The customer was listed on SpamHaus. The customer has fixed this on their end.