User not local; please try <forward-path> and smarthosts

799 views
Skip to first unread message

loupgarou

unread,
Jun 22, 2007, 4:03:05 AM6/22/07
to
exchange2003

I have a huge problem with this.

I have two servers. my main server receives mail from the internet,
and forwards unresolved mail to my secondary mail server in china


my secondary server in china is supposed to forward all mail for
delivery via smarthost to my server in singapore.

recently (about 1 year after NORMAL operations), something has screwed
up and I've been getting lots of
551 User not local; please try <forward-path> errors.

after completely redoing all connectors, it seems only mail that is
forwarded from my email journal archive to my singapore archive for
backup is being bounced. why is this? a manual telnet connection
doesn't even give the same results.

jarc...@insight.com.sg exists in singapore.
it is forwarded by my email archive using the [exchange general,
forwarding, via a active directory contact with the email of
jarc...@insight.com.sg.


also, does anyone have any expert recommendations about smarthost
configuration?


see logs below.


------------------SMTP LOG -----------------------

203.126.27.55 - OutboundConnectionCommand [22/Jun/2007:15:49:37 +0800]
"EHLO -?[222.66.69.186] SMTP" 0 4
203.126.27.55 - OutboundConnectionResponse [22/Jun/2007:15:49:37
+0800] "- -?250-exchange2003.insight.com.sg Hello [222.66.69.186]
SMTP" 0 53
203.126.27.55 - OutboundConnectionCommand [22/Jun/2007:15:49:39 +0800]
"AUTH -?GSSAPI
TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAFAs4OAAAADw== SMTP" 0 4
203.126.27.55 - OutboundConnectionResponse [22/Jun/2007:15:49:39
+0800] "- -?334
TlRMTVNTUAACAAAAGAAYADgAAAAFgomipfSn7ElyCukAAAAAAAAAALYAtgBQAAAABQLODgAAAA9JAE4AUwBJAEcASABUAEcAUgBPAFUAUAACABgASQBOAFMASQBHAEgAVABHAFIATwBVAFAAAQAYAEUAWABDAEgAQQBOAEcARQAyADAAMAAzAAQAHABpAG4AcwBpAGcAaAB0AC4AYwBvAG0ALgBzAGcAAwA2AGUAeABjAGgAYQBuAGcAZQAyADAAMAAzAC4AaQBuAHMAaQBnAGgAdAAuAGMAbwBtAC4AcwBnAAUAHABpAG4AcwBpAGcAaAB0AC4AYwBvAG0ALgBzAGcAAAAAAA==
SMTP" 0 356
203.126.27.55 - OutboundConnectionResponse [22/Jun/2007:15:49:39
+0800] "- -?235 2.7.0 Authentication successful. SMTP" 0 36
203.126.27.55 - OutboundConnectionCommand [22/Jun/2007:15:49:39 +0800]
"MAIL -?FROM:<> SIZE=18754 SMTP" 0 4
203.126.27.55 - OutboundConnectionResponse [22/Jun/2007:15:49:40
+0800] "- -?250 2.1.0 <>....Sender OK SMTP" 0 25
203.126.27.55 - OutboundConnectionCommand [22/Jun/2007:15:49:40 +0800]
"RSET - SMTP" 0 4
203.126.27.55 - OutboundConnectionResponse [22/Jun/2007:15:49:45
+0800] "- -?250 2.0.0 Resetting SMTP" 0 19
203.126.27.55 - OutboundConnectionCommand [22/Jun/2007:15:49:45 +0800]
"RSET - SMTP" 0 4
203.126.27.55 - OutboundConnectionResponse [22/Jun/2007:15:49:45
+0800] "- -?250 2.0.0 Resetting SMTP" 0 19
203.126.27.55 - OutboundConnectionCommand [22/Jun/2007:15:49:45 +0800]
"MAIL -?FROM:<xx...@insightadjusters.com> SIZE=45736 SMTP" 0 4
203.126.27.55 - OutboundConnectionResponse [22/Jun/2007:15:49:46
+0800] "- -?250 2.1.0 xx...@insightadjusters.com....Sender OK SMTP" 0
54
203.126.27.55 - OutboundConnectionCommand [22/Jun/2007:15:49:46 +0800]
"RCPT -?TO:<xx...@insightadjusters.com> SMTP" 0 4
203.126.27.55 - OutboundConnectionResponse [22/Jun/2007:15:49:46
+0800] "- -?250 2.1.5 xx...@insightadjusters.com SMTP" 0 40
203.126.27.55 - OutboundConnectionCommand [22/Jun/2007:15:49:46 +0800]
"XEXCH50 -?2040 2 SMTP" 0 7
203.126.27.55 - OutboundConnectionResponse [22/Jun/2007:15:49:46
+0800] "- -?354 Send binary data SMTP" 0 20
203.126.27.55 - OutboundConnectionResponse [22/Jun/2007:15:49:46
+0800] "- -?250 XEXCH50 OK SMTP" 0 14
203.126.27.55 - OutboundConnectionCommand [22/Jun/2007:15:49:46 +0800]
"BDAT -?45736 LAST SMTP" 0 4
203.126.27.55 - OutboundConnectionResponse [22/Jun/2007:15:49:52
+0800] "- -?250 2.6.0 <E0F913B2487C65469A2EEA534AF9F9AB08EB1D@jinhui-
dc.jinhuila.local> Queued mail for delivery SMTP" 0 101
203.126.27.55 - OutboundConnectionCommand [22/Jun/2007:15:49:52 +0800]
"RSET - SMTP" 0 4
203.126.27.55 - OutboundConnectionResponse [22/Jun/2007:15:49:52
+0800] "- -?250 2.0.0 Resetting SMTP" 0 19
203.126.27.55 - OutboundConnectionCommand [22/Jun/2007:15:49:52 +0800]
"MAIL -?FROM:<> SIZE=45739 SMTP" 0 4
203.126.27.55 - OutboundConnectionResponse [22/Jun/2007:15:49:52
+0800] "- -?250 2.1.0 <>....Sender OK SMTP" 0 25
203.126.27.55 - OutboundConnectionCommand [22/Jun/2007:15:49:52 +0800]
"RCPT -?TO:<jarc...@insight.com.sg> NOTIFY=NEVER SMTP" 0 4
203.126.27.55 - OutboundConnectionResponse [22/Jun/2007:15:49:52
+0800] "- -?551 User not local; please try <forward-path> SMTP" 0 45
203.126.27.55 - OutboundConnectionCommand [22/Jun/2007:15:49:52 +0800]
"RSET - SMTP" 0 4

--------------------------------------------------------
---telnet log--------------

220 exchange2003.insight.com.sg Microsoft ESMTP MAIL Service, Version:
6.0.3790.
3959 ready at Fri, 22 Jun 2007 15:55:07 +0800
HELO 222.66.69.186
250 exchange2003.insight.com.sg Hello [222.66.69.186]
mail from:<>
250 2.1.0 <>....Sender OK
rcpt to:<jarc...@insight.com.sg>
250 2.1.5 jarc...@insight.com.sg
data
354 Start mail input; end with <CRLF>.<CRLF>
.
250 2.6.0 <EXCHANGE2003f...@exchange2003.insight.com.sg>
Queued mail
for delivery
quit
221 2.0.0 exchange2003.insight.com.sg Service closing transmission
channel


Connection to host lost.

Rich Matheisen [MVP]

unread,
Jun 22, 2007, 9:17:50 PM6/22/07
to
loupgarou <uck...@gmail.com> wrote:

>exchange2003
>
>I have a huge problem with this.

Are you using any exim mail servers? That "551 User not local; please
try <forward-path>" sure looks like something they send!

--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm
Don't send mail to this address mailto:h.p...@getronics.com
Or to these, either: mailto:h.p...@pinkroccade.com mailto:melvin.mcp...@getronics.com mailto:melvin.mcp...@pinkroccade.com

loupgarou

unread,
Jun 29, 2007, 7:53:07 AM6/29/07
to
On Jun 23, 9:17 am, "Rich Matheisen [MVP]"

<richn...@rmcons.com.NOSPAM.COM> wrote:
>
> Are you using any exim mail servers? That "551 User not local; please
> try <forward-path>" sure looks like something they send!

no, these are exchange servers.


--------------------------------------------------------------------------------

FROM: Microsoft
Sent: Friday, June 29, 2007 5:03 PM
To: Chris Low

I have checked the Netmon you provided.

The Netmon log can prove the "551 User Not Local" response is not from
your Singapore mail server.

Please check the response1.jpg file. The Time To Live value from
Singapore server to China server is 111 (128-111=17). However, the TTL
for the response "User not local" is 56 (64-56=8). Windows system's
original TTL is 128 while some third party device's original TTL is
64. Thus, we know there is a device between your Singapore server and
China Server, which jumped in the SMTP communication and responded
"551 user not local" error. Thus the China server received this fatal
error and terminated the mail delivery.

This is the same symptom as I mentioned previously. And this issue has
been reported by other users who have similar scenarios. Since the
issue resides on the network used by the China server, one workaround
is to establish VPN or another network which will not have such issue.

Hope the information is helpful.

Regards,

-----
I contacted microsoft PAID support over this issue,


FROM: Microsoft

Sent: Thursday, June 28, 2007 3:09 PM
To: Chris Low

As I mentioned on the phone, the problem may be related to a known
issue with Great Firewall of China (GFW). You can search "551 user not
local" and "Great Firewall" on Internet. You will see numerous
questions regarding the same error on SMTP. As far as I know, we can't
resolve this unless we switch to a different network link which is not
affected by GFW.

I have checked the SMTP log you have provided. We can see that in
China server's SMTP log, there is "User Not Local" response. However,
in Singapore server log, we won't see any "User Not Local" error. This
indicates the error is not responded by the Singapore server but a
device between the two servers.

To verify this, I suggest that we use Netmon to capture the network
traffic on the JINHUI-DC which sends messages to Singapore. The TTL
(time to live) value will tell us whether the error is returned by the
Singapore server. To do so, please refer to the following steps:

· Install Network Monitor in Add/Remove programs/Windows
components.

· Locate the Network Monitor icon on the Start Menu. This is
most likely in the following location: "Start/(All) Programs/
Administrative Tools/Network Analysis Tools". If Administrative Tools
is not an option on the Programs Menu, then you may need to go to
"Start/Control Panel/Administrative Tools/Network Analysis Tools"
instead.

· Run Network Monitor

· First time it is run, it will ask you to choose a network to
capture on. Expand "Local Computer"

· If there are two or more options under Local Computer, then
highlight each one and look at the statistics.

· At least one option should state that it's a Dial-up or VPN
connection. Only select this if you are needing to capture traffic
across an Analog Modem or VPN connection.

· The other option should be an Ethernet connection and will
state that it's not a dial-up or VPN. This is the option you want to
choose for capturing traffic on a LAN or broadband (DSL or Cable
Modem) Internet connection.

· Once the correct option is selected, click on OK.

· Now you are in the primary Network Monitor window.

· Click on the "Capture" Menu, then select "Buffer Settings".

· Change the Buffer Setting Size to 100MB (unless otherwise
instructed by your Support Professional), then click on OK.

· To Start a capture, you will choose the "Capture" Menu
again, then select "Start Capture".

· To Stop a capture, select the "Capture" Menu, and choose
"Stop Capture".

· Once the capture is completed, save the capture as a file by
choosing the "File" menu, then going to "Save As".

· Rename the file to your CaseNumber.cap, then send the file
to me for analysis.

To make sure we can capture the traffic when the error happens, we can
also temporarily change the SMTP Connector in China to route all
outbound mails to Singapore since that will generate more User Not
Local error.

Reply all
Reply to author
Forward
0 new messages