Weird Exchange Issue still hanging around

Tags: Desktops, Management, Microsoft Exchange, Microsoft Windows, OS, Security, Servers, SQL Server
Not sure if anyone here has experienced this or is still having this issue, but I am having a heck of a time getting this resolved. Here is the issue: We have Exchange 2003 SP2 on Windows 2k SP4 and we cannot send e-mails to certain domains. I have tried setting these domains as separate connectors in Exchange Server with no luck. I've got external DNS set up correctly in Exchange Server and still can't send to certain domains that are hosted with our ISP. I cannot get them to budge as to what they changed, nor is it a spam filtering issue. Anyone else have any other thoughts to try? Thanks!
ASKED: January 19, 2007  1:05 PM
UPDATED: January 24, 2007  10:43 AM

Answer Wiki


A couple of questions first …

1. Are you getting an error when you try to send?
2. Are you getting emails bounced back to the sender?
3. Are the emails just sitting in the queues waiting?

Here is something to check on, and this will cause you many problems with sending to certain domains.

A lot of companies have started using enhanced DNS resolution by doing a reverse look up on the sending domain to reduce the number of spam emails. If the server does not find a PTR record in the public DNS servers for your Exchange server that points to your domain then the SMTP connections are refused.

Get your ISP to set up a PTR record with the name of your Exchange server (i.e. myexchangenetbiosname.mydomain.com) that points to your domain.

Keep us informed.
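The reverse-lookup test described in this answer can be reproduced from the sender's side before asking the ISP for changes. The sketch below is an added example, not part of the original answer; the forward-confirmation step goes slightly beyond what the answer describes, and the IP addresses and the `PTR`/`A` tables are constructed stand-ins for public DNS.

```python
import socket

# Constructed records standing in for public DNS (192.0.2.0/24 is a documentation range).
PTR = {"192.0.2.25": "myexchangenetbiosname.mydomain.com.",
       "192.0.2.26": "host26.isp.example.",
       "192.0.2.28": "mail.mydomain.com."}
A = {"myexchangenetbiosname.mydomain.com": ["192.0.2.25"],
     "host26.isp.example": ["192.0.2.26"],
     "mail.mydomain.com": ["192.0.2.99"]}

def _system_ptr(ip):
    """PTR lookup through the system resolver; None when no record exists."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None

def _system_a(host):
    """Forward lookup through the system resolver; empty list on failure."""
    try:
        return socket.gethostbyname_ex(host)[2]
    except (socket.herror, socket.gaierror):
        return []

def check_reverse_dns(ip, expected_domain, ptr_lookup=None, a_lookup=None):
    """Return (ok, reason) for the sending IP, as a receiving server might judge it.

    ptr_lookup(ip) -> hostname or None, a_lookup(host) -> list of IPs.
    Both default to the system resolver; pass table lookups to test offline.
    """
    ptr_lookup = ptr_lookup or _system_ptr
    a_lookup = a_lookup or _system_a
    host = ptr_lookup(ip)
    if not host:
        return False, "no PTR record"
    host = host.rstrip(".").lower()
    domain = expected_domain.rstrip(".").lower()
    # The PTR name must be the domain itself or a host inside it.
    if host != domain and not host.endswith("." + domain):
        return False, "PTR %s is outside %s" % (host, domain)
    # Forward confirmation: the PTR name must resolve back to the same IP.
    if ip not in a_lookup(host):
        return False, "PTR %s does not resolve back to %s" % (host, ip)
    return True, "PTR %s matches" % host
```

Called with only an IP and a domain, the function queries the system resolver, so it should be run from a host that uses public DNS rather than the internal Active Directory DNS.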

Discuss This Question: 9  Replies

  • Slashman
    The e-mails are just sitting in the queues and then eventually get deleted and send the sender a rejected notice. We do have a PTR record set up with our ISP so that isn't an issue either. I've pretty much tried most of the items discussed on the support pages of MS but to no avail. I also have a Cisco PIX firewall that has the no fixup protocol set for SMTP. Open to other suggestions. Sincerely, Frustrated with Exchange and ISP.
  • Rsweiss
    I experienced this same problem about a year ago and it turned out it was my fortigate firewall IPS settings. I don't remember the IPS signature, but try sending a message to one of the domains that you have problems with, and then immediately look at your IPS alert logs to see which signature you may have to allow.
  • Rsweiss
    This is the IPS setting that I had to switch back to allow - this vulnerability doesn't affect Exchange 2003: http://www.fortinet.com/ids/ID102498328
  • Slashman
    We don't use Fortigate firewalls or anything like that. We have Cisco firewalls and Panda anti-virus. Again, the messages just sit in the queues waiting to go out till they fail. Hard to look at my Cisco logs to see when they are going out because of how much traffic is going in and out. Other suggestions?
  • Rsweiss
    I saw you were using pix and I am not that familiar with pix's intrusion protection/detection capabilities. My messages sat in queue before timing out as well. Finally I checked the intrusion alert logs and saw the entry originating from my mail server to a domain I was having this issue with. I switched the setting back to allow this and have not had an issue since. I can only assume that the fortigate ips was interpreting this intrusion probably from the same flavor of mailserver/spam filter that these certain domains were using and was blocking something during the smtp exchange process (looked like from the message tracking, it was during the transmitting of the message). After pretty much troubleshooting everything you have done (days of frustration), this is what it turned out to be. I realize you didn't use a fortigate, but this sure sounds very familiar. You have checked that your domain/mx record isn't listed on any blacklist? Other than that, I feel your pain - good luck.
  • Slashman
    We are not blacklisted because that was my next thought. I will check on that intrusion item you mentioned and see if that is it. If it is, I'll post the results to change it. Oddly enough I'm currently in the process of learning Cisco PIX stuff so this will be of some fun. Again, if the issue is the PIX I'll post it so others can understand as well in case others find themselves in the same issue.
  • Ajdenver
    I had the exact same problem when I upgraded from a Pix 506 to a 515e. Aol was one of the domain names queued and unable to send. Their website pointed to a DNS packet size problem in Cisco equipment. I was able to fix this on the Cisco config by reducing the security level relating to ESMTP Inspect maps. I basically reset the security level from High to Low and voila! Not sure specifically which setting caused the problem, but I'm sure enabling the logging and trial & error would filter out the culprit. Hope this helps & good luck! ~aj
  • Slashman
    I'm still in search of an answer that will work. I've been searching for a Cisco solution but that is not it either. The Cisco solution applies if I have a Windows 2003 server. I'm running EXCHANGE 2003 on a WINDOWS 2000 SP4 box. The Cisco thing has to do with the new packets of DNS that Windows 2003 is using. Sorry to burst your bubble on that one, but I have found a forum with some answers that I hadn't tried yet and I'm still no farther ahead than I was when I started. Here are the items I have tried so far so I don't get redundant solutions: 1) a PTR with ISP for reverse DNS (check) 2) External DNS settings in Exchange (check) 3) Separate SMTP connector to route mail through (tried it no luck so check) 4) no fixup protocol for SMTP on PIX (check) 5) disable NAV Auto-protect (not running NAV so check) 6) Disable EDNS (not running Windows 2003 so check) The only other thing I haven't tried is an SMTP relay inside my network, which I don't have the capacity to do. Anyone have a server that I can relay through as a test for this? What is really weird here is the domains I'm trying to send to are set up on the same ISP as ours but I can send e-mail to the ISP okay... odd. Still frustrated with Exchange 2003
  • Slashman
    Update: The following is something I posted in a different forum to see if I can hit a different group of people and something I just discovered that might be part of the problem here and see if anyone here knows what it might be... I have a PIX 515 and I was wondering if my PIX is causing me a problem with sending mail to a mail server that my ISP hosts. I have an Exchange server behind this firewall with the appropriate ports open and available. I can connect and send e-mail to any domain I want except any domains that my ISP hosts on their own mail server. I've got everything set up according to all forums, MS articles etc. I am running the SMTPDIAG tool that MS supplies on my mail server to the domains that I am having problems with. In checking the logs on my PIX 515 (while the tool is testing the connection) I get the following line in the log: Deny TCP (no connection) from x.x.x.x/25 to 216.130.224.8/44498 flags FIN PSH ACK on interface inside (x's represent my internal IP address). The 216 address is the IP address of the mail server that I am trying to deliver the mail to and it is the one that my ISP hosts. To switch gears here, we have a separate Internet connection with a different ISP and I can send mail from my server to the above IP address with no problem, just that I can't send mail to any other domain other than the above server because it doesn't have a reverse DNS for that IP address. My question is, why is my PIX denying the connection? If it is not then why can't I send mail to that server but I can send mail to anyone else in the world? Mail server is Exchange 2003 SP2 running on Windows 2000 SP4.
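To pull entries like the one quoted in the last post out of a busy firewall log, the deny line can be parsed and filtered on the mail server's address and port 25. This is an added example, not part of the original thread; the internal address 10.0.0.5 and the sample lines are constructed, and only the message layout quoted in the post is assumed.

```python
import re
from collections import Counter

# Layout taken from the deny line quoted in the post above.
DENY_RE = re.compile(
    r"Deny TCP \(no connection\) from (?P<src>[\d.]+)/(?P<sport>\d+) "
    r"to (?P<dst>[\d.]+)/(?P<dport>\d+) flags (?P<flags>[A-Z ]+?) "
    r"on interface (?P<iface>\S+)"
)

# Constructed sample: the page's line with x.x.x.x replaced by 10.0.0.5,
# plus unrelated traffic that the filter must ignore.
SAMPLE_LOG = [
    "Deny TCP (no connection) from 10.0.0.5/25 to 216.130.224.8/44498 flags FIN PSH ACK on interface inside",
    "Deny TCP (no connection) from 10.0.0.40/3391 to 198.51.100.7/80 flags RST on interface inside",
    "Deny TCP (no connection) from 10.0.0.5/25 to 216.130.224.8/44498 flags FIN PSH ACK on interface inside",
    "Deny TCP (no connection) from 10.0.0.5/4102 to 203.0.113.9/443 flags RST on interface inside",
    "unrelated line that does not match the deny layout",
]

def smtp_denies(lines, mail_server_ip):
    """Yield parsed deny entries where the mail server is one endpoint
    and either side of the connection uses TCP port 25."""
    for line in lines:
        m = DENY_RE.search(line)
        if not m:
            continue
        e = m.groupdict()
        e["sport"], e["dport"] = int(e["sport"]), int(e["dport"])
        e["flags"] = e["flags"].split()
        if mail_server_ip in (e["src"], e["dst"]) and 25 in (e["sport"], e["dport"]):
            yield e

def summarize(lines, mail_server_ip):
    """Count SMTP-related denies per (remote peer, TCP flags, interface)."""
    counts = Counter()
    for e in smtp_denies(lines, mail_server_ip):
        peer = e["dst"] if e["src"] == mail_server_ip else e["src"]
        counts[(peer, " ".join(e["flags"]), e["iface"])] += 1
    return counts

if __name__ == "__main__":
    for key, n in summarize(SAMPLE_LOG, "10.0.0.5").most_common():
        print(n, *key)
```

Grouping by remote peer shows at a glance whether the denied packets involve only the ISP-hosted mail server or other destinations as well.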