Results 1 to 8 of 8

Thread: Exchange 2003

  1. #1
    Mostly Me Lucio's Avatar
    Join Date
    Mar 2007
    Location
    Tring
    Posts
    5,163
    Thanks
    443
    Thanked
    448 times in 351 posts
    • Lucio's system
      • Motherboard:
      • Gigabyte GA-970A-UD3P
      • CPU:
      • AMD FX-6350 with Cooler Master Seldon 240
      • Memory:
      • 2x4GB Corsair DDR3 Vengeance
      • Storage:
      • 128GB Toshiba, 2.5" SSD, 1TB WD Blue WD10EZEX, 500GB Seagate Baracuda 7200.11
      • Graphics card(s):
      • Sapphire R9 270X 4GB
      • PSU:
      • 600W Silverstone Strider SST-ST60F
      • Case:
      • Cooler Master HAF XB
      • Operating System:
      • Windows 8.1 64Bit
      • Monitor(s):
      • Samsung 2032BW, 1680 x 1050
      • Internet:
      • 16Mb Plusnet

    Exchange 2003

    Ok, I'm tearing my hair out over this one because no matter whom I ask, I get a response "everything is setup correctly"

    Our Exchanger server decided this morning to not want to play ball. Our outbound e-mails seem to either a) generate an NDR (shown below) or B) suffer from a 1 to 2 hour time delay before being delivered.

    All of this points to the action of a spam filter (to my mind at least) but we're only blacklisted with one organisation for a tiny error (our rDNS is generic rather than domain specific)


    The NDR is as follows

    "You do not have permission to send to this recipient. For assistance, contact your system administrator. <81-178-1-159.dsl.pipex.com #5.7.1 smtp;550 5.7.1 Unable to relay for xxx@xxx.com>"


    Basically my question is, who should I be chasing for a resolution of the problem? The guys who configured our Exchange server? Our ISP? The people who have us blacklisted?? All of them????

    This shouldn't just suddenly stop working like this! We've made no changes to our setup in the last couple of months and as far as I can see, it's intermittant in the failures, there's no defining feature as to the problem
    Last edited by Lucio; 25-04-2011 at 01:20 PM.

  2. #2
    TiG
    TiG is offline
    Walk a mile in other peoples shoes...
    Join Date
    Jul 2003
    Location
    Questioning it all
    Posts
    6,213
    Thanks
    45
    Thanked
    48 times in 43 posts

    Re: Exchange 2003

    5.7.1 is a relay denied problem.

    Its going to be down to one of the following types of things.
    1. Your sender doesn't have permissions
    2. You are relaying incorrectly. (spoofing? see below)

    I'm not sure why you've got a gmail.com e-mail address listed for i'm assuming your company account. That doesn't make sense to me.

    TiG
    -- Hexus Meets Rock! --

  3. #3
    Mostly Me Lucio's Avatar
    Join Date
    Mar 2007
    Location
    Tring
    Posts
    5,163
    Thanks
    443
    Thanked
    448 times in 351 posts
    • Lucio's system
      • Motherboard:
      • Gigabyte GA-970A-UD3P
      • CPU:
      • AMD FX-6350 with Cooler Master Seldon 240
      • Memory:
      • 2x4GB Corsair DDR3 Vengeance
      • Storage:
      • 128GB Toshiba, 2.5" SSD, 1TB WD Blue WD10EZEX, 500GB Seagate Baracuda 7200.11
      • Graphics card(s):
      • Sapphire R9 270X 4GB
      • PSU:
      • 600W Silverstone Strider SST-ST60F
      • Case:
      • Cooler Master HAF XB
      • Operating System:
      • Windows 8.1 64Bit
      • Monitor(s):
      • Samsung 2032BW, 1680 x 1050
      • Internet:
      • 16Mb Plusnet

    Re: Exchange 2003

    Well, the listed e-mail address is where I'm sending to. Not quite sure why it appears there either to tell you the truth when it's being sent via Outlook 2003.

    Checking the e-mail headers of the ones that do get through (2 hours later mind you), it does appear that our Pipex system is now relaying to tiscali.

    I'm wondering if that's what's causing the problems because they're in the process of switching over the network thanks to the take over a few months back?


    EDIT:

    In fact, doesn't this part of the header

    X-IronPort-Anti-Spam-Filtered: true
    X-IronPort-Anti-Spam-Result: Ao8CACv5aUc+8aMG/2dsb2JhbACCb6dA
    X-IronPort-AV: E=Sophos;i="4.24,189,1196640000";
    d="scan'208,217";a="3662735"
    Received: from astro.systems.pipex.net ([62.241.163.6])
    by smtp.pipex.tiscali.co.uk with ESMTP; 20 Dec 2007 12:11:42 +0000


    Indicate that there's a spam filtering check on the e-mail when it goes from astro.systems.pipex.net to smtp.pipex.tiscali.co.uk ??

  4. #4
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,665
    Thanks
    53
    Thanked
    385 times in 314 posts

    Re: Exchange 2003

    are you using an SMTP smart host or trying to send out directly from your exchange box ?
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  5. #5
    Mostly Me Lucio's Avatar
    Join Date
    Mar 2007
    Location
    Tring
    Posts
    5,163
    Thanks
    443
    Thanked
    448 times in 351 posts
    • Lucio's system
      • Motherboard:
      • Gigabyte GA-970A-UD3P
      • CPU:
      • AMD FX-6350 with Cooler Master Seldon 240
      • Memory:
      • 2x4GB Corsair DDR3 Vengeance
      • Storage:
      • 128GB Toshiba, 2.5" SSD, 1TB WD Blue WD10EZEX, 500GB Seagate Baracuda 7200.11
      • Graphics card(s):
      • Sapphire R9 270X 4GB
      • PSU:
      • 600W Silverstone Strider SST-ST60F
      • Case:
      • Cooler Master HAF XB
      • Operating System:
      • Windows 8.1 64Bit
      • Monitor(s):
      • Samsung 2032BW, 1680 x 1050
      • Internet:
      • 16Mb Plusnet

    Re: Exchange 2003

    Quote Originally Posted by Moby-Dick View Post
    are you using an SMTP smart host or trying to send out directly from your exchange box ?
    As far as I understand the setup we have here it works as follows

    Outlook on local client -> Default SMTP Relay
    Default SMTP Relay -> ASSP spam filtering application
    ASSP spam filtering -> Pipex (81-178-1-159.dsl.pipex.com)
    Pipex -> Rest of World


    Inbound come directly to us as our MX record is set to our IP address and works fine.


    I honestly don't know the difference between an SMTP smart host or directly sending, but I'm guessing that we use the former as we send to an address at Pipex (and it's our rDNS setting)

  6. #6
    Senior Member
    Join Date
    Mar 2005
    Posts
    4,825
    Thanks
    161
    Thanked
    358 times in 288 posts
    • badass's system
      • Motherboard:
      • ASUS P8Z77-m pro
      • CPU:
      • Core i5 3570K
      • Memory:
      • 32GB
      • Storage:
      • 1TB Samsung 850 EVO, 2TB WD Green
      • Graphics card(s):
      • Radeon RX 580
      • PSU:
      • Corsair HX520W
      • Case:
      • Silverstone SG02-F
      • Operating System:
      • Windows 10 X64
      • Monitor(s):
      • Del U2311, LG226WTQ
      • Internet:
      • 80/20 FTTC

    Re: Exchange 2003

    Check the following*:
    Make sure you can see routing/administrative groups in your exchange organisation. I assume this is a single exchange server.
    Go to the first routing group and look for any connector there. See if it is setup for smarthosting (it'll be obvious when you go through the options)
    If it is setup for smarthosting, get on to the box that is doing the smarthosting. If not, stay on the exchange server.
    Whichever box you are on, go to WhatIsMyIP.com
    note your external IP address.
    go to DNS tools, reports and Hosting tests, advanced network and domain name tools.
    in the reverse DNS lookup, enter that IP address.
    Note the result - there should be something like Answer:
    111.111.111.111 PTR record: hostname.mydomain.com. [TTL 86400s] [A=111.111.111.111]
    on the last line.
    the first IP address and the [A=x.x.x.x] IP address should match.
    If not, this is a problem and needs to be fixed.
    Next, if you are not smarthosting, go to your exchange administrator. Browse to your server and open up the default SMTP server properties (there should be only 1 SMTP server. If there is more than 1, post the info here and ignore the rest of this post) bring up its properties. Click delivery then click advanced. make sure the fully qualified domain name matches your A and PTR records and that smart host has nothing it it.
    If you are smart hosting and the smart host is in your network, you need to make sure it is announcing itself as the hostname you found above.
    This is enough to get your email almost anywhere, apart from Yahoo, who are a bunch of **** and if thats the case, you need to look into setting up SPF records SPF: Project Overview

    Let us know how you get on.



    * This assmues you are on a site with 1 public IP address an 1 exhange server and are using port forwarding+NAT/PAT on the firewall to provide internet access/email etc
    "In a perfect world... spammers would get caught, go to jail, and share a cell with many men who have enlarged their penises, taken Viagra and are looking for a new relationship."

  7. Received thanks from:

    Lucio (21-12-2007)

  8. #7
    Mostly Me Lucio's Avatar
    Join Date
    Mar 2007
    Location
    Tring
    Posts
    5,163
    Thanks
    443
    Thanked
    448 times in 351 posts
    • Lucio's system
      • Motherboard:
      • Gigabyte GA-970A-UD3P
      • CPU:
      • AMD FX-6350 with Cooler Master Seldon 240
      • Memory:
      • 2x4GB Corsair DDR3 Vengeance
      • Storage:
      • 128GB Toshiba, 2.5" SSD, 1TB WD Blue WD10EZEX, 500GB Seagate Baracuda 7200.11
      • Graphics card(s):
      • Sapphire R9 270X 4GB
      • PSU:
      • 600W Silverstone Strider SST-ST60F
      • Case:
      • Cooler Master HAF XB
      • Operating System:
      • Windows 8.1 64Bit
      • Monitor(s):
      • Samsung 2032BW, 1680 x 1050
      • Internet:
      • 16Mb Plusnet

    Re: Exchange 2003

    Thanks for that Badass. I'm blocked from using dnsstuff atm, but from other tools and previous checks, I'm fairly sure our rDNS is 81-178-1-159.dsl.pipex.com which is blacklisted...


    However, I've been inventive and managed to setup our servers so that it's the one sending the e-mails directly for the time being. I've added a SPF record to our site that says both our SMTP server and our webserver are authorised to send e-mails out.

    The only downside is that we can't e-mail AOL customers, as our rDNS record shows a pipex address, but to get past everyone else's spam filters I have to put our MX record.

    Emails are at least once more flowing again and it annoys me that our external IT support couldn't think of this! It really bugs me when me, as an untrained SysAdmin that I can come up with solutions (with some help from Hexus and Google!)

  9. #8
    Mostly Me Lucio's Avatar
    Join Date
    Mar 2007
    Location
    Tring
    Posts
    5,163
    Thanks
    443
    Thanked
    448 times in 351 posts
    • Lucio's system
      • Motherboard:
      • Gigabyte GA-970A-UD3P
      • CPU:
      • AMD FX-6350 with Cooler Master Seldon 240
      • Memory:
      • 2x4GB Corsair DDR3 Vengeance
      • Storage:
      • 128GB Toshiba, 2.5" SSD, 1TB WD Blue WD10EZEX, 500GB Seagate Baracuda 7200.11
      • Graphics card(s):
      • Sapphire R9 270X 4GB
      • PSU:
      • 600W Silverstone Strider SST-ST60F
      • Case:
      • Cooler Master HAF XB
      • Operating System:
      • Windows 8.1 64Bit
      • Monitor(s):
      • Samsung 2032BW, 1680 x 1050
      • Internet:
      • 16Mb Plusnet

    Re: Exchange 2003

    Out of interest, has anyone ever managed to get their ISP to change the rDNS record on their static IP?

    I'd really like to keep the setup as it is because it's so much easier to diagnose problems but without a correct rDNS resolution back to our servers, AOL won't accept e-mail.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Who can't wait for Forza 2?
    By Veles in forum Console
    Replies: 159
    Last Post: 30-05-2007, 11:07 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •