|
|
|
date: Mon, 16 Jun 2008 11:47:56 -0400,
group: microsoft.public.exchange.admin
back
Issues with mail delivery
Hi All
For the last couple of weeks, we have been getting random issues where some
mail servers on the internet will start to deny our email. The message
returned in the DNR from our Exchange server is "550 5.7.1 relaying denied".
Not all servers do this, and some messages go right through, while others
will queue up and make repeated attempts to deliver.
We have our own MX, and our Exchange 2003 server is published behind an ISA
2004 firewall. I have verified with our ISP that all of our DNS records are
correct.
When the problem occurs, if I run telnet on the exchange server and connect
to port 25 on one of the problem destinations, it will accept a message.
However according to on server admin I spoke with, their server didn't even
show any attempt to connect coming from our Exchange itself.
The really strange thing is that if I reboot the ISA server, all the queued
messages deliver. However, at no time does the ISA server log show it is
rejecting anything from the Exchange server.
I checked kb895853 and all the configuration seem to be right. I have
allowed anonymous connectionin the SMTP protocol and my entire IP range is
allowed to conenct to the server. Our DNS servers are using the correct
forwarding IPs.
The error that was in the event log that seems to indicate there is a
problem is as follows:
Event Type: Error
Event Source: MSExchangeTransport
Event Category: SMTP Protocol
Event ID: 7004
Date: 5/30/2008
Time: 8:49:42 AM
User: N/A
Computer: GATEWAY2
Description:
This is an SMTP protocol error log for virtual server ID 1, connection #344.
The remote host "204.202.25.75", responded to the SMTP command "mail" with
"530 authentication required for relay (#5.7.1) ". The full command sent
was "MAIL FROM:<user@ourdomain>". This will probably cause the connection
to fail.
and also event id 4000:
Message delivery to the remote domain 'kwic.com' failed for the following
reason: Unable to bind to the destination server in DNS.
These domains are just samples. When this problem starts, the email for many
domain (including hotmail) starts to back up in our delivery queue.
The confusing part is that restart the ISA firewall fixes the problem. So
its not a firewall issue, otherwise I would think we'd always have a
problem. That other issue is that this only happens with some address, not
all. So it doesn't sound like a config issue. So any suggestions or ideas
would be appreciated.
Thanks
Brian
date: Mon, 16 Jun 2008 11:47:56 -0400
author: Brian Reply2Me@Here
Re: Issues with mail delivery
"Brian" <Reply2Me@Here> wrote:
[ snip ]
>The confusing part is that restart the ISA firewall fixes the problem. So
>its not a firewall issue,
ISA is a firewall, too. :-)
>otherwise I would think we'd always have a
>problem. That other issue is that this only happens with some address, not
>all. So it doesn't sound like a config issue. So any suggestions or ideas
>would be appreciated.
The "Unable to bind to DNS" usually means just that. Either the DNS is
having a problem, or your network is having a problem, or the domain's
a phony.
If the "unable to relay" always identifies the IP address as an
address outside your network, and the command identified is "MAIL
FROM" then it may not be a relay problem, but a configuration problem
at the destination server -- but you say that the problem goes away if
you restart ISA, so there's something else going on that's not related
to Exchange.
--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm
Don't send mail to this address mailto:h.pott@getronics.com
Or to these, either: mailto:h.pott@pinkroccade.com mailto:melvin.mcphucknuckle@getronics.com mailto:melvin.mcphucknuckle@pinkroccade.com
date: Mon, 16 Jun 2008 22:12:22 -0400
author: Rich Matheisen [MVP]
|
|
