I am currently running SBS2003R2. The server handles all mail requests (sending and receiving) on itself. I have a static IP provided by my ISP, which goes to my router, and my server controls the ports on that router, allowing everything to pass through on the local LAN to my server.
The issue that I am having pertains to one domain, rediffmail.com or rediff.com.
When sending from any of our client computers (or as an admin) the message stays in queue for 48 hours, returning with a #4.4.7 error. I tried to send another message to the domain from a different account, and the same error shows up. While the message is in queue, I note that there is a message on the System Manager window stating that it cannot connect to remote domain.
I attempted to telnet to the domain with port 25, and it says it cannot connect. The same error occurred whilst trying their IP.
I am running McAfee On Access Scan so I disabled all options in the console, and to no avail the problem still exists. My next option is to call my provider to resubmit my PTR records.
Posts: 6812
Joined: 9.Jun.2004
From: Philadelphia PA
Status: offline
If it's only one domain you're probably not having a problem.
I just did an nslookup and there's one MX record at preference 5. Only one is odd, there's usually two or more. Try and telnet to 25 of that host and see what you get. Do the same thing to a domain you know you can get to as well, just to prove to yourself you get the banner. Don't bother trying to put a test message onto the server; you're just after the banner.
I've tried telnet to a few domains, and this is what I get:
C:\Documents and Settings\*****>telnet rediffmail.com 25
Connecting To rediffmail.com...Could not open connection to the host, on port 25: Connect failed
C:\Documents and Settings\*****>telnet gmail.com 25
Connecting To gmail.com...Could not open connection to the host, on port 25: Connect failed
Moreover, I also checked the On-Access Security LOG and this is what was written in there:
12/8/2011 10:24:29 AM Would be blocked by port blocking rule (rule is currently not enforced) C:\WINDOWS\system32\telnet.exe Anti-virus Standard Protection:Prevent mass mailing worms from sending mail 202.137.234.20:25
12/8/2011 12:20:44 PM Would be blocked by port blocking rule (rule is currently not enforced) C:\WINDOWS\system32\telnet.exe Anti-virus Standard Protection:Prevent mass mailing worms from sending mail 202.137.235.12:25
12/8/2011 12:21:52 PM Would be blocked by port blocking rule (rule is currently not enforced) C:\WINDOWS\system32\telnet.exe Anti-virus Standard Protection:Prevent mass mailing worms from sending mail 74.125.226.85:25
ANY HELP PLEASE!!!! It's driving me nuts! I can send to other domains but rediffmail.
Posts: 6812
Joined: 9.Jun.2004
From: Philadelphia PA
Status: offline
Those things you pasted in aren't hosts; they're domains. You can't telnet to rediffmail.com. You have to telnet to the host name. Do you know how to do an nslookup and set type to MX? Do that and you'll see the full host name.
Don't worry about those messages from your McAfee. It says "would be blocked" which means it's going to allow it through.
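The banner check suggested in the reply above, as an added example that is not part of the thread: it connects to a mail host on port 25, reads only the greeting, sends QUIT, and reports whether the TCP connection itself failed or the server answered. The function name and status labels are assumptions made for this example; pass it the MX host name returned by nslookup, not the bare domain.

```python
import socket


def probe_smtp_banner(host, port=25, timeout=10.0):
    """Connect to an SMTP listener, read only the greeting, then QUIT.

    Returns (status, detail); status labels are this example's own:
      "connect-failed" - no TCP connection (refused, timed out, DNS failure)
      "ready"          - a 220 greeting was received
      "rejected"       - the server greeted with another code (e.g. 421, 554)
      "no-banner"      - the connection opened but nothing SMTP-like came back
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return "connect-failed", str(exc)
    lines = []
    with sock:
        reader = sock.makefile("rb")
        try:
            while True:
                raw = reader.readline()
                if not raw:
                    break
                line = raw.decode("ascii", "replace").rstrip("\r\n")
                lines.append(line)
                # "220-text" continues the greeting; "220 text" ends it.
                if len(line) < 4 or line[3] != "-":
                    break
        except OSError:
            pass  # read timed out or the peer reset the connection
        try:
            sock.sendall(b"QUIT\r\n")  # leave politely; no message is sent
        except OSError:
            pass
    if not lines or not lines[-1][:3].isdigit():
        return "no-banner", "\n".join(lines)
    status = "ready" if lines[-1].startswith("220") else "rejected"
    return status, "\n".join(lines)


if __name__ == "__main__":
    import sys
    # Usage: python probe.py <mx-host> [<mx-host> ...]
    for mx_host in sys.argv[1:]:
        print(mx_host, *probe_smtp_banner(mx_host))
```

A "connect-failed" result for every host, including ones known to accept mail, points at the local network path (a filter on outbound port 25) rather than at any single recipient domain.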
MX TEST:
30 mx.kmibrokers.com 173.209.158.74 60 min
SMTP TEST:
220 kmibrokers.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Thu, 8 Dec 2011 15:08:36 -0500
OK - 173.209.158.74 resolves to remote.kmibrokers.com
OK - Reverse DNS matches SMTP Banner
0 seconds - Good on Connection time
Not an open relay.
5.569 seconds - Warning on Transaction time
Session Transcript:
HELO please-read-policy.mxtoolbox.com
250 kmibrokers.com Hello [64.20.227.133] [78 ms]
MAIL FROM: <supertool@mxtoolbox.com>
250 2.1.0 supertool@mxtoolbox.com....Sender OK [62 ms]
RCPT TO: <test@example.com>
550 5.7.1 Unable to relay for test@example.com [5226 ms]
QUIT
221 2.0.0 kmibrokers.com Service closing transmission channel [62 ms]
NS LOOKUP:
NS ns1.netfirms.com 65.254.254.157 60 min
NS ns2.netfirms.com 66.96.142.145 60 min
Now these are the results I got from my CMD Prompt when doing it from the server:
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\KMIADMIN>nslookup
Default Server: kmisbs.kmibrokers.local
Address: 192.168.10.1
> server kmibrokers.com
Default Server: kmibrokers.com
Address: 173.209.158.74
> set q=MX
> kmibrokers.com
Server: kmibrokers.com
Address: 173.209.158.74
*** kmibrokers.com can't find kmibrokers.com: No response from server
OK - 202.137.234.30 resolves to rm-vs-234-f4-sm-25.rediff.com
Warning - Reverse DNS does not match SMTP Banner
0 seconds - Good on Connection time
Not an open relay.
2.730 seconds - Good on Transaction time
Session Transcript:
HELO please-read-policy.mxtoolbox.com
250 f4mail-234-218.rediffmail.com [265 ms]
MAIL FROM: <supertool@mxtoolbox.com>
250 ok [281 ms]
RCPT TO: <test@example.com>
553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) [265 ms]
QUIT
221 f4mail-234-218.rediffmail.com [281 ms]
Reported by mxtoolbox.com on Thursday, December 08, 2011 at 3:37:46 PM (GMT-6)
ptr:202.137.234.30
Type IP Address Domain Name TTL
PTR 202.137.234.30 rm-vs-234-f4-sm-25.rediff.com 30 min
Reported by host-202-137-237-103.rediffdns.com on Thursday, December 08, 2011 at 3:37:38 PM (GMT-6)
ptr:202.137.234.30
Type IP Address Domain Name TTL
PTR 202.137.234.30 rm-vs-234-f4-sm-25.rediff.com 30 min
Reported by host-202-137-237-103.rediffdns.com on Thursday, December 08, 2011 at 3:37:23 PM (GMT-6)
mx:rediffmail.com
Pref Hostname IP Address TTL
5 mx.rediffmail.rediff.akadns.net 202.137.234.30 5 min
Reported by asia2.akam.net on Thursday, December 08, 2011 at 3:37:15 PM (GMT-6)
Posts: 8196
Joined: 7.Jan.2004
From: California, USA
Status: online
The return code from attempted Telnet sessions indicates the recipient system is denying access. The text of the message returned indicates the recipient or the ISP is using Commtouch as their gateway filter. I'd suggest that you contact someone at the recipient domain and ask them to assist in troubleshooting the problem.
_____________________________
Regards,
Dean T. Uemura Microsoft MVP - Exchange exchangeguy.blogspot.com uemurad@yahoo.com