
Delivery Notification (Failure) - occasionally emails don't go thr


Illya Andrianov

May 24, 2006, 4:20:02 PM
Dear fellow admins,

YOUR HELP IS NEEDED!!!

Problem:

Some of our customers sometimes experience problems sending emails to our
domain. In other words, there is no pattern to when it happens. The same mail
from/to the same sender/recipient sometimes goes through, but a few times it
does not.


I used 3 mail accounts at Yahoo, Hotmail, Comcast, sending the same test
messages (about 25 messages per account) to myself (corp account). About 1/3 of
the messages sent from Hotmail didn't go through.
(Yahoo & Comcast didn't have any problems, but sometimes messages from other
domains are rejected)


Delivery Status Notification (Failure)

Reporting-MTA: dns;hotmail.com
Received-From-MTA: dns;mail.hotmail.com
Arrival-Date: Mon, 22 May 2006 18:26:11 -0700

Final-Recipient: rfc822;il...@company.com
Action: failed
Status: 5.5.0
Diagnostic-Code: smtp;550 il...@company.com unknown user account

################

Configuration:

###Server: Windows Small Business Server 2003 with Exchange 2003
GFI Content Security 9 (antivirus)
GFI MailEssentials 9 (antispam)


        Firewall                       Exchange Server
+----------------------+            +------------------+
|                      |            |                  |
| X WAN 64.79.x.x      |            |                  |
|                      |            |                  |
| X DMZ 10.100.100.1   |------------| X 10.100.100.3   |
|                      |            |                  |
| X LAN 192.168.10.250 |------------| X 192.168.10.253 |
|                      |            |                  |
+----------------------+            +------------------+

###Exchange server ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : company-exchange
Primary Dns Suffix . . . . . . . : company.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : company.local

Ethernet adapter Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 3Com 3C905TX-based Ethernet Adapter
Physical Address. . . . . . . . . : 00-60-08-AD-EC-02
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.100.100.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.100.100.1
DNS Servers . . . . . . . . . . . : 192.168.10.253
Primary WINS Server . . . . . . . : 192.168.10.253
NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter Server Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
Physical Address. . . . . . . . . : 00-0D-61-13-E2-70
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.10.253
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.10.253
Primary WINS Server . . . . . . . : 192.168.10.253

###
C:\Documents and Settings\Administrator>route print

IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 60 08 ad ec 02 ...... 3Com 3C905TX-based Ethernet Adapter (Gen
)
0x10004 ...00 0d 61 13 e2 70 ...... Intel(R) PRO/1000 CT Network Connection
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.100.100.1 10.100.100.3 1
10.100.100.0 255.255.255.0 10.100.100.3 10.100.100.3 20
10.100.100.3 255.255.255.255 127.0.0.1 127.0.0.1 20
10.255.255.255 255.255.255.255 10.100.100.3 10.100.100.3 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.10.0 255.255.255.0 192.168.10.253 192.168.10.253 10
192.168.10.253 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.10.255 255.255.255.255 192.168.10.253 192.168.10.253 10
224.0.0.0 240.0.0.0 10.100.100.3 10.100.100.3 20
224.0.0.0 240.0.0.0 192.168.10.253 192.168.10.253 10
255.255.255.255 255.255.255.255 10.100.100.3 10.100.100.3 1
255.255.255.255 255.255.255.255 192.168.10.253 192.168.10.253 1
Default Gateway: 10.100.100.1
===========================================================================
Persistent Routes:
None


###Access rules at the firewall

Access Rules (WAN > DMZ)
# Priority Source Destination Service Action
1 1 Any mail.comp.com Public mail.comp.com (80, 443) Allow All

3 3 Any mail.comp.com Public SMTP (25) Allow All
4 4 Any Any Any Deny All


Access Rules (WAN > LAN)
# Priority Source Destination Service Action
1 1 Any Any Any Deny All


Access Rules (DMZ > WAN)
# Priority Source Destination Service Action
1 1 Any Any Any Allow All

Access Rules (DMZ > LAN)
# Priority Source Destination Service Action
1 1 Any Any Any Deny All


Access Rules (LAN > WAN & DMZ)
# Priority Source Destination Service Action
1 1 Any Any Any Allow All

As you see, my Exchange server sits in both the DMZ and Local zones.
The default gateway on the Exchange server points to the firewall interface
in the DMZ zone.


###DNS Settings on Exchange server

Zone company.local
Listen on following interfaces only 192.168.10.253
Forwarders: All other DNS Domain
Forwarder IP Address: 64.79.117.5, 216.218.216.218

###DNSReport.com

INFO MX Record Your 2 MX records are:
0 MAIL.comp.com. [TTL=7200] IP=64.79.x.x [TTL=7200] [US]
50 MAIL2.EASYCGI.com. [TTL=7200] IP=66.245.X.X (No Glue) [TTL=60] [US]

PASS Low port test OK.
PASS Invalid characters OK.
PASS All MX IPs public OK.
PASS MX records are not CNAMEs OK.
PASS MX A lookups have no CNAMEs OK.
PASS MX is host name, not IP OK.
PASS Multiple MX records OK.
PASS Differing MX-A records OK.
PASS Duplicate MX records OK.
PASS Reverse DNS entries for MX records OK.

x.x.79.64.in-addr.arpa comp.com. [TTL=3600]

Mail PASS Connect to mail servers OK: I was able to connect to all of your
mailservers.

WARN Mail server host name in greeting WARNING: One or more of your
mailservers is claiming to be a host other than what it really is (the SMTP
greeting should be a 3-digit code, followed by a space or a dash, then the
host name). If your mailserver sends out E-mail using this domain in its EHLO
or HELO, your E-mail might get blocked by anti-spam software. This is also a
technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname
given in the SMTP greeting should have an A record pointing back to the same
server. Note that this one test may use a cached DNS record.
MAIL.comp.com claims to be host comp.com [but that host is at 66.245.x.x
(may be cached), not 64.79.x.x

___
*** We host our web site at the provider's server.


PASS Acceptance of NULL <> sender OK:
PASS Acceptance of postmaster address OK:

INFO Acceptance of domain literals
WARNING: One or more of your mailservers does not accept mail in the domain
literal format

MAIL.comp.com's postmaster@[64.79.x.x] response:
>>> RCPT TO:<postmaster@[64.79.x.x]>
<<< 550 5.7.1 Unable to relay for postmaster@[64.79.x.x]


PASS Open relay test OK: All of your mailservers appear to be closed to
relaying.
MAIL.comp.com OK: 550 5.7.1 Unable to relay

WARN SPF record Your domain does not have an SPF record.

##############################################

It seems most likely that I have a problem either with the DNS configuration
OR with routes.
My understanding is that if an email message sometimes goes through and
sometimes doesn't, it is because of alternative routes for messages??? Even
though there is only one default route for 0.0.0.0???... Or something happens
with DNS queries.

I am not sure what exactly is the cause of the problem, but I need a solution.
The possible solution may be to install a smart host in the DMZ zone and
configure Exchange to use it. I have the GFI Content Security filter on my
Exchange. It can be installed as a smart host in the DMZ zone.
There are 2 concerns, however:

1. Will it resolve the problem?
2. In order for our users to use WEB Outlook, I will need to open port 443
on the firewall to the Local zone, to ensure access from outside to the
Exchange server. It will eliminate the need to have my Exchange server sitting
in the DMZ and Local zones. But I don't really want to open any port to my
Local zone for outside requests.

Please, what do you think may cause the problem? Any of your suggestions on
how to solve it WILL BE GREATLY APPRECIATED!!!

Thanks

Illya Andrianov.


Leif Pedersen [MVP]

May 28, 2006, 10:56:28 AM
Hi,

Look in the properties of the mails (from Outlook) that you do receive. Do
these mails go directly to the exchange server or do they go via your
secondary MX mail provider?

Leif

"Illya Andrianov" <IllyaAn...@discussions.microsoft.com> wrote in
message news:304F7710-CACE-444C...@microsoft.com...
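
Added example, not part of the original thread: one way to run the check Leif describes over a batch of saved test messages, by reading each message's Received headers and counting how many passed through the secondary MX. The sample messages, the 192.0.2.x addresses and the function names are constructed for illustration, and it is an assumption that the backup MX stamps its Received line with the name MAIL2.EASYCGI.com shown in the DNSReport output.

```python
import re
from collections import Counter
from email import message_from_string

# Backup MX name from the thread's DNSReport output (assumption: it stamps this name).
SECONDARY_MX = "mail2.easycgi.com"
# Host named in a "from <host>" or "by <host>" clause of a Received header.
_HOP_RE = re.compile(r"(?:^|\s)(from|by)\s+([A-Za-z0-9.-]+)", re.I)

# Constructed sample messages (192.0.2.x is a documentation range).
SAMPLE_DIRECT = """\
Received: from mail.hotmail.com ([192.0.2.10]) by comp.com with Microsoft SMTPSVC;
 Mon, 22 May 2006 18:26:11 -0700
Subject: test 1

body
"""
SAMPLE_RELAYED = """\
Received: from MAIL2.EASYCGI.com ([192.0.2.20]) by comp.com with Microsoft SMTPSVC;
 Mon, 22 May 2006 18:31:40 -0700
Received: from mail.hotmail.com ([192.0.2.10]) by MAIL2.EASYCGI.com with ESMTP;
 Mon, 22 May 2006 18:31:02 -0700
Subject: test 2

body
"""

def received_hosts(raw_message):
    """Hosts named in from/by clauses of all Received headers, newest hop first."""
    msg = message_from_string(raw_message)
    hosts = []
    for header in msg.get_all("Received", []):
        unfolded = " ".join(header.split())  # undo header line folding
        hosts += [h.lower().rstrip(".") for _, h in _HOP_RE.findall(unfolded)]
    return hosts

def delivery_path(raw_message):
    """Classify a message by whether the secondary MX appears in its path."""
    return "via-secondary-mx" if SECONDARY_MX in received_hosts(raw_message) else "direct"

def tally_paths(raw_messages):
    """Count delivery paths across a batch of received test messages."""
    return Counter(delivery_path(m) for m in raw_messages)

if __name__ == "__main__":
    print(tally_paths([SAMPLE_DIRECT, SAMPLE_RELAYED, SAMPLE_RELAYED]))
```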
